www.upfarargoa.ro/lvot/?qbot.zip/
91.212.66.190 301 Moved Permanently 249 B URL HTTP/1.1 www.upfarargoa.ro/lvot/?qbot.zip/
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document text; exported SGML document, ASCII text
Hash c70b6ca8a67e632bd42a799836013a14
b61707f63b8fc942c44afb4ac63488f4e5d92276
dfadf83fc189055ec53548282a6b5f1611cc7f5d808de56aebbb9a59bdbb3820
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 23:26:39 GMT
Server: Apache
Location: https://www.upfarargoa.ro/lvot/?qbot.zip/
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Thu, 01 Dec 2022 01:52:44 GMT
Date: Wed, 30 Nov 2022 23:26:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:39 GMT
Last-Modified: Wed, 30 Nov 2022 22:42:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9392
Expires: Thu, 01 Dec 2022 02:03:11 GMT
Date: Wed, 30 Nov 2022 23:26:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 23:18:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 515
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ylE2KAYF6kkDcFONSShPIMiGAlr+jli63I0fqj4pRJmCzJRWAnSDCcyzUEJa/HGR0jpCyVdVOZs=
x-amz-request-id: KHS0KYK41008RVSF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 22:45:24 GMT
age: 2475
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:26:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.comodoca.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ee7041d1072fe8441f8e5260bdba23c1
d365ebca742777226460d431d9311f69c2b68d25
24012311ddb4600847324657b236fc605c49bd28a622270f541ada28daab84b0
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 20:39:35 GMT
Expires: Wed, 07 Dec 2022 20:39:34 GMT
Etag: "d365ebca742777226460d431d9311f69c2b68d25"
Cache-Control: max-age=594174,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77275968eeebb506-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 1063
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2677
Cache-Control: max-age=123888
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:51:28 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.upfarargoa.ro/lvot/?qbot.zip/
91.212.66.190 404 Not Found 94 kB URL HTTP/1.1 www.upfarargoa.ro/lvot/?qbot.zip/
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 4b27fa212828e6de5fc4290dda801982
f36ec92ac52a948ae71f69ad306b8298bf250d02
b6e951a6238afc118992bab641efc8e6e2a463cc818e0971e18b2eddce0db2b2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 23:26:39 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
34.214.17.205 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.17.205:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DDHEGTXPFR0JjTQX9Bvq1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: itebmNwCjFnKH3OwM6xeH3LQpFs=
www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
91.212.66.190 200 OK 19 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.3
54.230.111.71 200 OK 1.7 kB URL HTTP/2 cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.3
IP 54.230.111.71:0
File type ASCII text, with very long lines (7191)
Hash 0b704046d76bb4d3929be4f7f20472f5
564f70325044cf9834f70d9689463cbfb8a53b71
511ae4f5d6a1803848d68c82cd61d2ad1ed3a1c65037e2cbcf9a7edd2fa6fa5d
GET /free/1.0.0/icon-font.min.css?ver=6.0.3 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 1672
date: Wed, 07 Sep 2022 12:38:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:10 GMT
etag: "0b704046d76bb4d3929be4f7f20472f5"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V8CXSeQRdiTjAL34gmB_X5TUfLpRX8MjJuz90DoNGF2_09Z6F2anNQ==
age: 7296468
X-Firefox-Spdy: h2
cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.3
54.230.111.71 200 OK 519 B URL HTTP/2 cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.3
IP 54.230.111.71:0
File type ASCII text, with very long lines (520)
Hash 6fb5a1a9925f28916193ddc1d72f9b0d
bdc64cce45bb408f635c2d61ef79061ea1997069
85194f705319dba5c19a61ccf7643ab990e4a699e2927a3d967b62d70ebbea9b
GET /free/1.0.0/svgembedder.min.js?ver=6.0.3 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 519
date: Fri, 02 Sep 2022 06:26:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:40 GMT
etag: "6fb5a1a9925f28916193ddc1d72f9b0d"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pLh9rlLd-U9yIF6Gnji1NbmiYd1IE3LPCvELYjKAogRNxUr3KAY-iQ==
age: 7750819
X-Firefox-Spdy: h2
code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9
69.16.175.42 200 OK 8.1 kB URL HTTP/2 code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9
IP 69.16.175.42:0
File type ASCII text, with very long lines (2363)
Hash 6c82a49e7983d483c0d8a2693d66a17b
6d6deea9c1f9d0b1ded69cc2b82b07d4e8e60952
763ce5616013ac40d27502cb40d92589c5ce9e2a8034692666734ece10671326
GET /ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:40 GMT
content-encoding: gzip
content-length: 8056
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-898c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669850800.dop207.sk1.t,1669850800.cds264.sk1.hn,1669850800.cds262.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3
216.58.207.234 200 OK 63 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3
IP 216.58.207.234:0
File type ASCII text, with very long lines (64562)
Hash 468446a7240461af44b59ebb2047c231
47b7c525dc91bece99df0c414960b9490b986ba8
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6
GET /ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 62563
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:30:35 GMT
expires: Wed, 29 Nov 2023 18:30:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 104165
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
91.212.66.190 200 OK 4.9 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:45 GMT
Accept-Ranges: bytes
Content-Length: 4933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3
91.212.66.190 200 OK 233 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 29e08a0befe4552f0c4b3daa2da97471
6d99dfae3139ada7a4513b61d53c0f9a3884c0e5
aacbcb221f648fada619139b81efc00b8bd115ec5ddca3de8769361edae1bcc2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:17 GMT
Accept-Ranges: bytes
Content-Length: 233
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3
91.212.66.190 200 OK 6.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash b6fdbad7bd5e27dd7c1fe45674e26943
1529dce44d28042d09df915ccf60e9b963787cd6
6fc7e240cedc42494b66fba96e247828d1abe4b5eca89fa4be8dedee7f701df9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:16 GMT
Accept-Ranges: bytes
Content-Length: 5955
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3
91.212.66.190 200 OK 2.8 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 1196766031c7b1e905b5082574f1aad9
3e04aee3a3aba63357f32b9243fa137df2f3c83d
7516c6b9d408da446f01171638691c1d2b4fd282c71a0b19093e6ac40cf54e72
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:18 GMT
Accept-Ranges: bytes
Content-Length: 2822
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
91.212.66.190 200 OK 3.9 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 91841e3b0a773c4cfe7b75ca985b26a6
ceb70b32222a821d1f588d84d5170756632f3959
bb0d6bad8dda35bbe5134fbab0750ee9616f4f08bb5df0cc5716af758cbe5997
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:42 GMT
Accept-Ranges: bytes
Content-Length: 3874
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3
91.212.66.190 200 OK 7.4 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (7191)
Hash ec26292e52e5bc20624b029974bd0adf
3756375bb053b0f3f62303597d844f70cef1b5e0
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 7354
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6
91.212.66.190 200 OK 40 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (781)
Hash e7c269103fc6fcc03d38013fa6727a4f
293658b37e374be0e0cb95831f477e5fc24ce2e1
1318b02c6580e7863e955f6079abe35199093d0951fb1e1ef7458d78b9740ef6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:17 GMT
Accept-Ranges: bytes
Content-Length: 40393
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
91.212.66.190 200 OK 89 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (43771)
Hash b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7
91.212.66.190 200 OK 9.8 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 50c45b4c9bf20b3623ca76530534b0bf
460fe47e670fe59ec146c6d0b4e49115f21baf7a
0181265d99a39991feee0b80f12ecf620092ab4fc64de5fe9348a3d0719efca9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:21:51 GMT
Accept-Ranges: bytes
Content-Length: 9781
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7
91.212.66.190 200 OK 21 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (20604)
Hash bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 20766
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
91.212.66.190 200 OK 2.7 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:05 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
91.212.66.190 200 OK 210 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209831 bytes)
Hash 9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:45 GMT
Accept-Ranges: bytes
Content-Length: 209831
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Last-Modified: Wed, 30 Nov 2022 22:41:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6
91.212.66.190 200 OK 1.7 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 13b1b6672b8cfb0d9ae7f899f1c42875
6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 1729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9
91.212.66.190 200 OK 59 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (12602)
Hash 7407624bfb90f435e2d96d3191332f99
3bcf6ef1e4e8bb0969be7c7ef9e6fbbd17af7879
b1038ef6b4cc0ebb89dec9680c8e2c0d327ca4ab4f3e87e80003dd5fba350a28
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:38 GMT
Accept-Ranges: bytes
Content-Length: 58912
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1
91.212.66.190 200 OK 36 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (2363)
Hash a132ede819bad05cca4164b7aa720043
7c92d0e8b6c8fe4057dfc53252765774870ce71a
3030e6b5c4e92ccf8819b989a6292779ded8a3a60cabf302043f668805ff5107
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 35972
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7
91.212.66.190 200 OK 940 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Size 940 kB (939512 bytes)
Hash 42ad34099302ea8203016caaff6cc9ea
7494ee5dde8bdb8d963dc8455403751e40ba6043
4e4a5593110f8666192cf25edf7a4999fdff6285ba65a0974fa45ef0eda18067
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:00 GMT
Accept-Ranges: bytes
Content-Length: 939512
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7
91.212.66.190 200 OK 478 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (325)
Size 478 kB (477887 bytes)
Hash c5b94b4e1a8c18498ffe3794db7992de
10c0f1dc86af0eaed89692965de7da1be913f2a7
55067fbabab6d637f82a866897829fcd26f4ad320b806b85f5304d7323e1199e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:59 GMT
Accept-Ranges: bytes
Content-Length: 477887
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6
91.212.66.190 200 OK 3.1 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 02473ba3391613484a1a8f4c44e4a5b0
b46d0b036c8a429a249ecedb776b5619e56547ed
69034fe6b34e98e658468c5ecaebf5d831d4bba2e4ba5832a68ec82c1c75d3b7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 3149
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7
91.212.66.190 200 OK 311 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 (with BOM) text
Size 311 kB (310706 bytes)
Hash 6b16298266d790554daba055a4dfe2c2
bdd3233cb1094cc7b5c30dcef0b4eccd1af662cd
eb8ca8ff96e239573a57036b21ef902ca9a089857e666814c5383c8cf097115f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 310706
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6
91.212.66.190 200 OK 30 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash ec45594030549520a0f6078ab4c50a30
b0e6c9dcb599f8a597a8064f634c565f0c996d44
a75e982abfa95a04b78613c167469eab8872fa4ad9180bb522fd6bf240449017
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 30377
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3
216.58.207.234 200 OK 5.9 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3
IP 216.58.207.234:0
File type ASCII text, with very long lines (1398)
Hash a4c64be3878ceb36796c1a87b3173c3a
37febc085eab2a582388c75954c6b39b3fcebdeb
c3f85a3d153d17f7fb99133915101d9fa1510cf8f1a426fc69875fef78487bb8
GET /ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5862
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:49:29 GMT
expires: Sat, 25 Nov 2023 06:49:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 491832
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3
91.212.66.190 200 OK 679 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 795c16c7f09c4bdb4e44be95c52a7cf6
6f3b4bd3323a12a2dcc4732ac4797db73bb82749
bdf851ea5f3ff230b418f731a19433abda875ceea5fc8ccc923a1a66221f12ec
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 679
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3
91.212.66.190 200 OK 47 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash d63a2485a8deb28a826f6adfcef1f7e0
ecf5f331250fd3829edb3910d57bf2af259be456
b689c434df468c579734961e8632190a5796d94101fabefc8a4f3e8f060ee9b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 46999
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3
91.212.66.190 200 OK 663 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 85a3fea53c93538f7e38037c584715fa
513f7cf131d9c1a691dc2fcf64598c70523166d2
97f3f2afe6db3da397c1a0871a73def374284605dea8041798196f954c3f5c31
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 663
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3
91.212.66.190 200 OK 686 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash cf5460da8c5c4c3a644090ad828cf4e9
4104dd3cc892c70aae178800554607155620ab55
aef5044b78f9c290bb9ccc3050cd8fa54913ab9d1b8b8fb5e4d04e8ea7196749
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 686
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6
91.212.66.190 200 OK 31 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (30819)
Hash f1084ded2cf974f6314f2df6f00c53d4
f5224569701f68e04ac1df9da357ccc101e753a5
5cfcdebf8f38725bebe6f58ff39a6d044806bca0220a1e0b7e3257f9ad7392d1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 30982
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6
91.212.66.190 200 OK 285 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Size 285 kB (285050 bytes)
Hash 7ce9a3754096c82546beb43da5f849b1
0c29f933903e4c7ea2d0109bf9b76e97f439f054
030da3738554ef3169547aa3e5e4e63e2523620da5c817e3c318ebe8fe8af310
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 285050
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9
91.212.66.190 200 OK 2.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash e62ed1654c70f13b32f1dab590131c24
e728af2d9159342a54657726885c61f75065675a
9683a4826731a5a762f4850b43f763d92ab8718fe8a59ea5072e727a88f4f74f
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:56 GMT
Accept-Ranges: bytes
Content-Length: 1969
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9
91.212.66.190 200 OK 29 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (28900)
Hash 4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 29063
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3
91.212.66.190 200 OK 233 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 29e08a0befe4552f0c4b3daa2da97471
6d99dfae3139ada7a4513b61d53c0f9a3884c0e5
aacbcb221f648fada619139b81efc00b8bd115ec5ddca3de8769361edae1bcc2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:56 GMT
Accept-Ranges: bytes
Content-Length: 233
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3
91.212.66.190 200 OK 6.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash b6fdbad7bd5e27dd7c1fe45674e26943
1529dce44d28042d09df915ccf60e9b963787cd6
6fc7e240cedc42494b66fba96e247828d1abe4b5eca89fa4be8dedee7f701df9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 5955
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9
91.212.66.190 200 OK 279 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (444)
Size 279 kB (279426 bytes)
Hash b2be7f4c92e606c60b512a91baed3d0f
a1a55c37a3a2b6558e65a13b8b36e2db3a3a7e6b
8021bc0e621f2434eae0c5278726a90f3e86cb00343e74abb22b32558a556867
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 279426
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3
91.212.66.190 200 OK 5.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash d37fccf68a24c0e840de4f158a99b671
9d100fb2eba1709c792e09c6e1b6794c11b25d6e
8e8836fb93e7a6803da6193370c69b88271a0fd2372d86fd115ba2473230158a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:37 GMT
Accept-Ranges: bytes
Content-Length: 5541
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
91.212.66.190 200 OK 18 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 17809
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
91.212.66.190 200 OK 63 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 62755
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
91.212.66.190 200 OK 908 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (907)
Hash 6f1ecd534f48422ce13105c7b6776a6a
5530b098a3fea4bde23e9f9ab799f19d4a0fa2ee
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:24:35 GMT
Accept-Ranges: bytes
Content-Length: 908
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8
91.212.66.190 200 OK 43 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (42839), with no line terminators
Hash f59e3f4c0087b4d8ddc27bdd9c9ab92b
fac9b521062feb5250c04d62128a8c3ddb312632
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 42839
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8
91.212.66.190 200 OK 26 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (6610), with CRLF line terminators
Hash 33c2ef757072512b907793263fe84d4c
857df274b776d6d50feb66e37bba55f6e262d468
e9ff3997fd1824b230d5036b291ec38f1ad0dddc91ace74c95bff332a9078339
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 26396
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8
91.212.66.190 200 OK 8.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash dca27b4a1562d7f98812ae5f9d71932b
0758e33b3821ae3dc248e1ae567098c573e6ab53
0af2c245fcba2be84c64cf74beedd0cddab8c67ceab288ad091cc429a49a65e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 8517
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
91.212.66.190 200 OK 31 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 31004
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8
91.212.66.190 200 OK 76 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF, CR line terminators
Hash edb77348224c38f9560bf17c2e3d2e6b
7eecfd6ebfab9ad38b1dd780c337360626427641
8621f34021150dff10ae76033fbab2e1e4c9c0840cb0162213425a4b42d2ef54
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 75963
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8
91.212.66.190 200 OK 20 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (402), with CRLF line terminators
Hash 5d380f50f8384f73f7f32bb7e244859b
b8cf5b73e264626507a60447b59e32a3924488d7
cb444ba3d0eb341ae27ff4e550228e184ac89b72da014d46e4f252d81ec26c86
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 20057
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8
91.212.66.190 200 OK 1.9 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash b06073c5a23326dcc332b78d42c7290c
64e6c5ff99f14c65752e0322234160f8e83fc6c2
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 1895
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8
91.212.66.190 200 OK 3.3 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash bb4dfbdde8f2a8d4018c1f0293a03483
48124e11e67a0721e4f080d170a111274b44a237
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3349
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8
91.212.66.190 200 OK 44 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash bd84063774d389eeb27b9f0f4f0fdf0a
4c38aa2a6c05d14db87e26f8cedafec054f60ad3
7e1494d864c525a652b3179defb60ae4f7c7f1c2841dd75592e82b66e6dad6c7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 43848
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
91.212.66.190 200 OK 90 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (65447)
Hash 02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/newsletter/style.css?ver=7.4.2
91.212.66.190 200 OK 6.3 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/newsletter/style.css?ver=7.4.2
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash e82f7c1bf34a75131708b4d9028fd6f1
587555f2d28fd2b15d470116a6e3c322a06e7cc1
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/newsletter/style.css?ver=7.4.2 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:06:50 GMT
Accept-Ranges: bytes
Content-Length: 6282
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
91.212.66.190 200 OK 11 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6
91.212.66.190 200 OK 24 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash d27a76a9b635a4dcfbbaaed5f55461f5
8b3f3530e3bcc64767f9b32b53d0b9e60881e533
d02eea8c6f61f96111ea6be2f861cd8b4d05ca2ac717be3177aecd9116d552ba
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 23552
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8
91.212.66.190 200 OK 243 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Size 243 kB (243016 bytes)
Hash cc94a87e0f8b5f9d7cf91da76d701ae8
be2f0699da53a35f01f11b1792ade8bc06260c23
5c4a0551cf12f0ed16c247949a10cfc4fbff26aaa8c83708ab9790656c3dbd1d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 243016
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-content/themes/vmagazine/style.css?ver=1.1.8
91.212.66.190 200 OK 520 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/style.css?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Size 520 kB (519481 bytes)
Hash 3924f9462585dff7823a5432829fada9
b70ecbb7e95ab26e2f6576b64604bbff766ac0e0
dc7cf16831f8e694eca2530468d81cdd29a66deb9ee45bbc6593dc7497cc55b1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/style.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Tue, 09 Mar 2021 19:24:55 GMT
Accept-Ranges: bytes
Content-Length: 519481
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
91.212.66.190 200 OK 37 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (36560)
Hash 24443da3a469ca21411e562a861ec083
14a10995d6efe48ceea5916e218ecf177560352a
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 36743
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
91.212.66.190 200 OK 21 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 20715
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3
91.212.66.190 200 OK 47 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 59514960cf71749a03c204a44345eaca
10f1ec9ca8633c5be2809d479bbd3bc5c57f622d
4dbc244226a30f6c28c384b9fd2c7d21535c58674c9773e6db0bb4b5faf2271e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 47269
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6
91.212.66.190 200 OK 15 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (591)
Hash aa294d7a6febff508aec6691684137c4
fa313b686a1b3d9b80cc5d2063d91969848a142f
97034923921c5b085988d368e84feff2fe422cd0405678f9bcc05270cfa68eaf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 14872
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6
91.212.66.190 200 OK 672 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash af6f98a77d3ef9844e547fdbda7b935c
5e1abbc9b44a66bc340249e598a87d0294a9416c
ef9d4a59c3077004cefa3e815ec8135031010d0bc6684cb31d392e2e214298e4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 672
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Last-Modified: Wed, 30 Nov 2022 22:41:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6
91.212.66.190200 OK 30 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (402)
Hash f15b068837cb703c372f44df2b4c0384
6f3fa3430d7d8dbb1f001d467dec263542eb508b
b9fd13679e033836f0d54e3b01fb61077fdf7bf58685a6fc891693d66e873c85
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 29536
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
34.120.237.76200 OK 2.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 995eb3df7ec5507e3392fdb1ca6395b4
9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2150
x-amzn-requestid: 59ef9edf-d9c1-45d0-b084-adf8e2f0738d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cXQcKGPXoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385fab4-693e8d7d5632d48722e31757;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 12:27:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iO-jUNMNzAM6zHh1oEftgZcW18vxdgaFGpNe4a1WHU97pRMMuHIKaQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:51:49 GMT
age: 20092
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 6068
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: beeeccd0-a494-4d0c-91e9-0d1e2ab37b6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YoFmMIAMFT4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-60f5e2286cf3965a42ab31b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CiGOvF7Lmz8cICQcjUcE6QGokbAIAd3WClI4PK_aDSxo-yHVcPPA7w==
via: 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:29 GMT
age: 6072
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7
91.212.66.190200 OK 830 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (520)
Hash 4d3b9be4d3227e8879b94c20daea3ba2
486c5b5fd9de759457fb74d44bca35ef5cea26af
d05c39d16a7ced23ea1d6930893e848d5554260f91395849dae4470344ff0199
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:24 GMT
Accept-Ranges: bytes
Content-Length: 830
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 6067
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70afa08b7d0b64772b90ae190689e6c1
527cf32104041423176fadd3cfc2120fe63f6bfc
31ebf9decb53b8180922c4b10d0427aba95a802246a5ced8ec368d814a33b843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9993
x-amzn-requestid: 7d7febbc-2bdf-44e9-9727-9c56b5bcb138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1VNFZiIAMFV-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cf54-1f89231026a9b5c467324134;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qK6AAXX3bqNSjQerE2jNysmMWX6X5j4Mm-MRQfG06YU7YmklFfE3NQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:50:08 GMT
age: 5793
etag: "527cf32104041423176fadd3cfc2120fe63f6bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 10:53:00 GMT
age: 45221
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6
91.212.66.190200 OK 84 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 99cf8430b8d81c268269760118ec31a4
3fec23eeb6e45407f1fa1d38cf1cd3d463dd1f7a
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 84265
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9
91.212.66.190200 OK 124 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (42889)
Size 124 kB (124185 bytes)
Hash e5cd17674ab1e7e8f556707b9e894175
c1b2a4a4f6fde101fc5bb4918c75fe8c2b163eb8
a4aca4b3ad7c3976cfbd935294d071c1e276081e7a8ddeaf030ab5b5e280204d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:39 GMT
Accept-Ranges: bytes
Content-Length: 124185
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9
91.212.66.190200 OK 47 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 98cde89c7ee02f7e2a40073f28a37944
665e01df8a1134516e829cae8f6d0d26f63aef06
f0dbfe605aac49325f6b34f64a9ff1a12cbcc4e3f6f6df6f77595dd250971c83
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 47264
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9
91.212.66.190200 OK 9.3 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (8996)
Hash adf81ade4d0a8a6934d76b6e47dbb883
d5033b2320d2cc6b8de9b43787cfadb4d2f9245d
91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 9280
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
91.212.66.190200 OK 3.4 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (3233)
Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1
8215983363ea0d74f99368336404b0d27217778f
7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 3411
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9
91.212.66.190200 OK 338 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (64270)
Size 338 kB (337548 bytes)
Hash c0783a3a9c443828a8b26ea96bb2c986
3fe1bbcfd0bc7adb1c504a057e9243cdb523c554
387396b35daa1edeab09e949101c7473b855e0c465dcee906f860db9cf2ba1fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:39 GMT
Accept-Ranges: bytes
Content-Length: 337548
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9
91.212.66.190200 OK 1.3 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (1090)
Hash 700b877cd3ade98ce6cd4be349d81a5c
c1c36e6927436231eb20474356b29667c4c648aa
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7
91.212.66.190200 OK 15 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 3feaf7e7b9e4ccdb944d4e2840907a5b
65ef77a1ab8e305a6872dc2c0ba3a6f688a98f9e
fefff8161269b107e18eb9f9ae30fdc46ca9dcd96ae322c855bbe95b0c01623e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:04 GMT
Accept-Ranges: bytes
Content-Length: 15068
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9
91.212.66.190200 OK 31 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (373)
Hash 0c5df04ba4359968c4682e6a7e5108d5
886bc1f3b6cb79c29532999ad97539036c4e2881
9a4f4e90a45250574a92386246673abe09d604221f47be1e9dc01d02dc083e39
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 31177
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7
91.212.66.190 200 OK 1.2 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Hash 3305070732801b98f1d11f384ba19014
c2b5348a2b006f2a2343669c8eb2fe2f1bf5c3a6
5a33651183bef3e7839ce9285f0e830c78322c4d7d4062294fd31fe345c6fc3d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:03 GMT
Accept-Ranges: bytes
Content-Length: 1179
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
91.212.66.190 200 OK 6.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
91.212.66.190 200 OK 3.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:12 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
91.212.66.190 200 OK 9.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:14 GMT
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
91.212.66.190 200 OK 19 kB URL HTTP/1.1 www.upfarargoa.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
91.212.66.190 200 OK 9.7 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document, ASCII text, with very long lines (9720), with no line terminators
Hash cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:05 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
91.212.66.190 200 OK 1.8 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:15 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
91.212.66.190 200 OK 2.1 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:14 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
91.212.66.190 200 OK 2.9 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:12 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8
91.212.66.190 200 OK 3.4 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document, ASCII text, with CRLF line terminators
Hash c1b7fbe6b1a3b777fddfe187094deb97
498d2b1a5cfd53ce9b320c9ccd7d53ea7b04ffb7
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3437
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8
91.212.66.190 200 OK 5.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (4890), with CRLF line terminators
Hash e1ede55b9e9b7859a8044e4a7faa616d
a557fa257f3c6376d6480c2c919be9f833cfda6d
0192777d238a25bd733dcbf1e16096129fe0015a9220a04ba1baca322000cfe8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 5023
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8
91.212.66.190 200 OK 3.1 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash f871c9ac0b45315adf1eb810e12f25db
d00cfc8d125f08ee5b227cc62a529b59b7ee7744
28da7cecad28461418089f8aa61188365dd9935932004e6d35f24b729d637ebd
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3089
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8
91.212.66.190 200 OK 95 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (732), with CRLF line terminators
Hash 50c803e1483b1bbb1531fea61f849d98
6643dec32d981aeeda46f85ee130d74f14732bfe
72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 95406
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8
91.212.66.190 200 OK 732 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash 4b67b4e4144499d75b62d75b6e8f00da
3bd5055fb6c65f59ee5a4292c8a4d5205d869469
11568a1a7f4ac4e0430f69d6f8a3d47fe874c9d10db8bc24975d28b6745a1e67
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 732
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8
91.212.66.190 200 OK 16 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash a586cc49b879664d7cfff48e50dbb52f
c90461326ec06a6d9d32c651431efb36dd7dbd86
9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 16066
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8
91.212.66.190 200 OK 22 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (21223), with CRLF line terminators
Hash 11289aa698605cab3300acef620164fc
e13ff658c3f1d0b3c5caf6793816ef7eb64dce2e
b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 21512
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8
91.212.66.190 200 OK 50 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash ab61327c0c8eb87f2bdadffbff396bd0
ec7f3612267e06dd54138a781b20f0a82e1a3d60
fe1f0da2dae044b6dc164d445ff5f64071143a10b007ccf1a0cca155bbb884bf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 49958
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8
91.212.66.190 200 OK 746 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (744), with CRLF line terminators
Hash 6666d96c35eae9133de6698202db6e86
3176ae1c7c58540e408d9eaae8a072fb46f12d83
4e20b50061dbc5b7e11a57354561f02e99b0e2a973cfb01f32343780d0e55e59
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 746
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8
91.212.66.190 200 OK 16 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 57fc6833c91389acb956c8655a2e1094
5d2247f0b2ce97ea7fea15c82b19288fcf2b11e1
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 15879
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8
91.212.66.190 200 OK 43 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (42862), with CRLF line terminators
Hash 777da4aaf5b960636dec0fd4e50ba489
9a94038ccae90e6d2a0f9cb61f79ae7c70320287
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 42864
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8
91.212.66.190 200 OK 38 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with CRLF line terminators
Hash 75a781acf7793dace74872762457dd73
d36c03a4356b221d21070d56b1fd084f3e996dbd
5ea0008cb1650dc71a6c3bda07e5ef8847374e46601d6ffd2a42ee66c7e7d3e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 37687
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6
91.212.66.190 200 OK 344 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (344), with no line terminators
Hash ad0af34ee472b7311217f496c54f44eb
b3e6ecf79b7c84e35862d502cf71141a434a0bdc
5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:20:23 GMT
Accept-Ranges: bytes
Content-Length: 344
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6
91.212.66.190 200 OK 364 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (364), with no line terminators
Hash ca73d10f3745efeaba4661f371be89f6
cbe4a7eeaa2e03fd5a106dca9d4f5466da51c867
00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:20:21 GMT
Accept-Ranges: bytes
Content-Length: 364
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/javascript
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
91.212.66.190 200 OK 7.0 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
216.58.207.227 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 10016, version 1.0; data
Hash efc008ddacd9f630d61b0717e7864257
8c79a2fe12c7e4d80f053e40540e4544744600a5
c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7
GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 14:54:19 GMT
expires: Sun, 26 Nov 2023 14:54:19 GMT
cache-control: public, max-age=31536000
age: 376343
last-modified: Mon, 11 Jul 2022 21:03:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
91.212.66.190 200 OK 77 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: font/woff2
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2
216.58.207.227 200 OK 3.6 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 3584, version 1.0; data
Hash 7eccf02f75bfbff194970989c52836fa
438fd2a5a0cbe42f625cf6171eeded2069b59dc1
34862e0af0a8c1373b9004a435d40f6bce444cb7a97278d883c83b916991413a
GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 3584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:19:43 GMT
expires: Wed, 29 Nov 2023 18:19:43 GMT
cache-control: public, max-age=31536000
age: 104819
last-modified: Mon, 11 Jul 2022 21:30:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/uploads/2021/03/V_K0486_rev3-01.png
91.212.66.190 200 OK 42 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/uploads/2021/03/V_K0486_rev3-01.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 795 x 93, 8-bit/color RGBA, non-interlaced; data
Hash 108d4bb33e590be13ad97e1dbe8f5301
257cf68cdf5dfe448a5d47cbc9947082d2ec5dd6
5923de353e4ff6e9aa3686c68b48d40f1f97eab712acd71def88fde383f147fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/03/V_K0486_rev3-01.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:13:24 GMT
Accept-Ranges: bytes
Content-Length: 42398
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2
216.58.207.227 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 28536, version 1.0; data
Hash f8a83d5e031a65613db5dd69a966669c
6bdefab36241903920f4676dd33e482a2942e25f
0a8e8c6925cf080cbf090022781314535ed8d5cedd92ea088ff3fbc961bf8d43
GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:39:02 GMT
expires: Fri, 24 Nov 2023 12:39:02 GMT
cache-control: public, max-age=31536000
age: 557260
last-modified: Mon, 11 Jul 2022 21:13:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0; data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 108934
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png
91.212.66.190 200 OK 22 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 339 x 100, 8-bit/color RGBA, non-interlaced; data
Hash be7392d11703a4034b28b7659694fc7d
14b7752ccf384326f2c222e1f76e6700820b9680
93449fa4100ee9a1ff642d9bfafc77da1e69ef3103f81d4c4a2c79aa3c777c56
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:12:25 GMT
Accept-Ranges: bytes
Content-Length: 22078
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif
91.212.66.190 200 OK 1.9 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type GIF image data, version 89a, 54 x 55; data
Hash b7998fb83f2426a89721ce30d2a7bdc5
10c0299c814242b8e05d65b3c9700b32f78b028a
a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:22 GMT
Accept-Ranges: bytes
Content-Length: 1924
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/gif
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
104.17.25.14 200 OK 1.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (2609)
Hash f56bc0a6837b34f783f73cd70cd9f2c1
a093b6f45674f1cac3ccc35498eb1a5945f7dde9
0c67ee4dc6af2a5a0b020d3e2e5b049720e516bb4faf6b0b60bd96bf3eba1199
GET /ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-ad3"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9780367
expires: Mon, 20 Nov 2023 23:26:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byZmd98zqI4JZDrNLke6ScYKedyr%2B%2F%2B4%2FN7wKiL%2F%2Bl%2BJ4b6LOhgofgvRXpIzlHM4TMRPXmA6atpQK6rXYaeb3xLByyYNyVwy6KJWlxfMVz1ERdbwQadxvUPruVEUPJtTUzXXxFbE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7727597abfbab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png
91.212.66.190 200 OK 72 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced; data
Hash 883d1d9c7242d89bf5f0ebba5514d463
ec8a8dbbd5767cf7f83fb7ca8b72afbaeb31908d
9926c1002ceecdef90b5a23c7a00f14c01c92ed4b2503cf54ec6c40a96a0bde1
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:23 GMT
Accept-Ranges: bytes
Content-Length: 72516
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif
91.212.66.190 200 OK 673 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type GIF image data, version 89a, 16 x 16; data
Hash 6f22eac466d2feb96593175f8c441723
cf35638529b05c5690ab2f926e0e2bb1af32bf06
437ed22e00631100ee0a753f3c544d85069ad55d88b60e5d3e54e2fe311c929d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:01 GMT
Accept-Ranges: bytes
Content-Length: 673
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/gif
s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js
172.217.21.174 200 OK 8.8 kB URL HTTP/2 s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js
IP 172.217.21.174:0
File type ASCII text, with very long lines (631)
Hash fdb31e90c509ac6256972808ae01436d
b50792717191fac50badc564d28eeda9c8d4be10
697874af8dd908409f2f906fbbd3907ef75dc988934fd4bdaf844afc31c6f33b
GET /yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 8763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:37:25 GMT
expires: Wed, 07 Dec 2022 07:37:25 GMT
cache-control: public, max-age=691200
last-modified: Wed, 13 Jul 2016 18:57:42 GMT
content-type: text/javascript
age: 143357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png
91.212.66.190 200 OK 511 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 484 x 392, 8-bit/color RGBA, non-interlaced; data
Size 511 kB (511337 bytes)
Hash 06d6a4e07cbc3dd2ce3ad758a80889f4
c487cd54756205852be6c6faf9b8924bc7ac4899
2ed7fa5a8b500ebca87ff4296f5aab6594f0da88eb58a85ff7863c6bc3b1a44e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:23 GMT
Accept-Ranges: bytes
Content-Length: 511337
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png
91.212.66.190 200 OK 9.3 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 300 x 132, 8-bit gray+alpha, non-interlaced; data
Hash 6f33ad22593dccfeb478b399e06222d8
671a520f67f741243dace98a6b1cbc717fc38c06
9ec8cca54373884ac72fb6a2b014779dc6994dfbba25259b3092b1d0bb9be0fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:13:40 GMT
Accept-Ranges: bytes
Content-Length: 9316
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png
91.212.66.190 200 OK 1.4 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced; data
Hash 84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:44 GMT
Accept-Ranges: bytes
Content-Length: 1360
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png
91.212.66.190 200 OK 1.4 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced; data
Hash 31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 1350
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif
91.212.66.190 200 OK 8.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type GIF image data, version 89a, 32 x 32; data
Hash 2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 8476
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/gif
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png
91.212.66.190 200 OK 280 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 27 x 27, 8-bit colormap, non-interlaced; data
Hash d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 280
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12ef30d526ddf69306f141dbd5a35cbc
c642b249d097aa2cc1042c6c3732afb2c7cc46a6
b505d1a52ea128e3815a0cb48ebbe849693643618865107d2f55d4b7723e6138
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B505D1A52EA128E3815A0CB48EBBE849693643618865107D2F55D4B7723E6138"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5028
Expires: Thu, 01 Dec 2022 00:50:30 GMT
Date: Wed, 30 Nov 2022 23:26:42 GMT
Connection: keep-alive
accesspressthemes.com/import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg
192.254.190.152 404 Not Found 462 B URL HTTP/2 accesspressthemes.com/import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg
IP 192.254.190.152:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text; exported SGML document, ASCII text
Hash 3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648
GET /import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg HTTP/1.1
Host: accesspressthemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
last-modified: Mon, 07 Oct 2019 13:59:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Wed, 30 Nov 2022 23:26:42 GMT
server: Apache
X-Firefox-Spdy: h2
www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png
91.212.66.190 200 OK 28 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash 220fbeb6bdcfaec412c2e936a0c2d88d
59fd328103e4f937aff2238f07518d3e48b36b5a
d314f3145fd5c4aa50df3521d2efa8078e79c81aee6bc32be3f4df9042a4dfeb
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:43 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:11:47 GMT
Accept-Ranges: bytes
Content-Length: 27831
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png
91.212.66.190 200 OK 2.5 kB URL HTTP/1.1 www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash 0364cb52864ed329f467cd7f12231f39
02ec5211451d5f563869301f1ad8272e53d39ad2
6b44b1e7d1496bab1f3add37718f61c79a6d88faa7aa354d2c9d03060b5311f8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:43 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:11:47 GMT
Accept-Ranges: bytes
Content-Length: 2482
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png
www.upfarargoa.ro/?wc-ajax=get_refreshed_fragments
91.212.66.190 200 OK 285 B URL HTTP/1.1 www.upfarargoa.ro/?wc-ajax=get_refreshed_fragments
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
File type JSON data; ASCII text, with no line terminators
Hash 714179c89e269d693e9764c47935e8f3
d052e4a6e9050186e482648073df45610f82c734
655704410bac0feb36e7ceea5862ef5bc5f6b8f40eee2e78256de71b2ed0e20f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Pragma: no-cache
Access-Control-Allow-Origin: https://www.upfarargoa.ro
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1
91.212.66.190 200 OK 0 B URL HTTP/1.1 www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:53 GMT
Accept-Ranges: bytes
Content-Length: 520714
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Arimo&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Arimo&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Arimo&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Open+Sans&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:41 GMT
date: Wed, 30 Nov 2022 23:26:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=2.0.7
188.114.99.234 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=2.0.7
IP 188.114.99.234:0
GET /font-awesome/latest/css/font-awesome.min.css?ver=2.0.7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
cdn-cachedat: 2021-06-08 02:11:52
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a598449d49cc560d4528aee3606858c
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15293417
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 772759717b4cb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3
IP 142.250.74.106:0
GET /css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:41 GMT
date: Wed, 30 Nov 2022 23:26:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.upfarargoa.ro/lvot/?qbot.zip/
91.212.66.190 404 Not Found 0 B URL HTTP/1.1 www.upfarargoa.ro/lvot/?qbot.zip/
IP 91.212.66.190:0
ASN #48837 Sc Alfa Web Srl
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8