Report - www.upfarargoa.ro/lvot/?qbot.zip/

Report Overview

Submitted URL
www.upfarargoa.ro/lvot/?qbot.zip/
IP
91.212.66.190
ASN
#48837 Sc Alfa Web Srl
Submitted
2022-11-30 23:26:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
346

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
cdn.linearicons.com	39017	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	805 B	3.4 kB	54.230.111.71
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.comodoca.com	1696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	1.0 kB	172.64.155.188
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	7.7 kB	142.250.74.131
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	8.5 kB	69.16.175.42
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	429 B	894 B	188.114.99.234
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.214.17.205
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	845 B	71 kB	216.58.207.234
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	69 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	2.2 kB	104.17.25.14
s.ytimg.com	7443	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	9.6 kB	172.217.21.174
www.upfarargoa.ro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	56 kB	6.3 MB	91.212.66.190
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	70 kB	216.58.207.227
accesspressthemes.com	303348	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	460 B	718 B	192.254.190.152
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	3.7 kB	142.250.74.106
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.6 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/newsletter/style.css?ver=7.4.2	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/style.css?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware
2022-11-30	medium	www.upfarargoa.ro/?wc-ajax=get_refreshed_fragments	Malware
2022-11-30	medium	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed
2022-11-30	medium	upfarargoa.ro	Sinkholed

Quad9 DNS

No alerts detected

JavaScript (60)

	URL	Size	First Seen	Last Seen
	www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 12:23:33 Times Seen37994 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9	9.3 kB	2023-03-07	2024-02-26
Pretty URL www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-02-26 18:56:30 Times Seen173 Hash adf81ade4d0a8a6934d76b6e47dbb883 d5033b2320d2cc6b8de9b43787cfadb4d2f9245d 91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399 Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1	2.1 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-19 10:30:00 Times Seen22361 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:32:29 Times Seen3644 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1	3.0 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 10:16:10 Times Seen5915 Hash 8bc2109ef48cabf7a26b73d7c3536c5f 0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b 8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	253 B	2023-03-11	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:13:46 Last Seen2023-03-11 23:13:46 Times Seen1 Hash 8eb444e8347d9ca2bf14f1c22f39fc81 353c8ead38551513589b74f315212ddfd9fcaa71 ac828f512c6f9ab555ef677c2e4e5ed09ce9c285a0f3d649d16a962f532138d1 Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	3.4 kB	2023-03-07	2024-04-15
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-15 11:35:11 Times Seen623 Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1 8215983363ea0d74f99368336404b0d27217778f 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6	364 B	2023-03-07	2024-04-15
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-15 20:09:58 Times Seen935 Hash ca73d10f3745efeaba4661f371be89f6 cbe4a7eeaa2e03fd5a106dca9d4f5466da51c867 00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8	16 kB	2023-03-07	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:21:03 Last Seen2024-01-21 12:03:03 Times Seen90 Hash 57fc6833c91389acb956c8655a2e1094 5d2247f0b2ce97ea7fea15c82b19288fcf2b11e1 12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8	3.4 kB	2023-03-07	2024-03-06
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:51 Last Seen2024-03-06 13:33:17 Times Seen325 Hash c1b7fbe6b1a3b777fddfe187094deb97 498d2b1a5cfd53ce9b320c9ccd7d53ea7b04ffb7 64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8	732 B	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen15 Hash 4b67b4e4144499d75b62d75b6e8f00da 3bd5055fb6c65f59ee5a4292c8a4d5205d869469 11568a1a7f4ac4e0430f69d6f8a3d47fe874c9d10db8bc24975d28b6745a1e67 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6	24 kB	2023-03-07	2023-11-30
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:50 Last Seen2023-11-30 15:55:39 Times Seen21 Hash d27a76a9b635a4dcfbbaaed5f55461f5 8b3f3530e3bcc64767f9b32b53d0b9e60881e533 d02eea8c6f61f96111ea6be2f861cd8b4d05ca2ac717be3177aecd9116d552ba Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1	37 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:48 Last Seen2024-04-18 13:32:29 Times Seen590 Hash 24443da3a469ca21411e562a861ec083 14a10995d6efe48ceea5916e218ecf177560352a 2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6	672 B	2023-03-07	2023-11-30
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:50 Last Seen2023-11-30 15:55:39 Times Seen17 Hash af6f98a77d3ef9844e547fdbda7b935c 5e1abbc9b44a66bc340249e598a87d0294a9416c ef9d4a59c3077004cefa3e815ec8135031010d0bc6684cb31d392e2e214298e4 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	168 B	2023-03-11	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:13:46 Last Seen2023-03-11 23:13:46 Times Seen1 Hash faa2a9039832e65598857d17a7698fc7 3dce5daaaf640115aec4774b7c3e52bc42094332 46b0c4b51e045774d18e854d49465bcc90bf948c59fd8398f8b2078dd6abf12c Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1	9.5 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-18 05:49:36 Times Seen2816 Hash 87c54edf7dad7dfdfde015f6eee45ff1 96ec1a06ea3093c47e1e2fc4444ada7f4456135d ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1	11 kB	2023-03-07	2024-03-19
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-03-19 21:15:52 Times Seen344 Hash 0ee357a183287d64fcf277f66d532e6d b45721bde387037ac73347020edb890ac4a77814 7ce6eb9cd7f07b424c34ee977214503668ae5e137d07b3fe0a37373e57686ebf Loading...

	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9	1.3 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:13 Last Seen2024-04-18 08:37:34 Times Seen3419 Hash 700b877cd3ade98ce6cd4be349d81a5c c1c36e6927436231eb20474356b29667c4c648aa 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	306 B	2023-03-11	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:13:46 Last Seen2023-03-11 23:13:46 Times Seen1 Hash 88c3b9cce247ba14b3ce5cadbd6df9b0 fe3555405da5819bfa7388d0ebde83a42a69998a 487f2ecd0736822433c8ba71bdd6bdd0ad50da31c1f4fe83f871c73aee5c5140 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	131 B	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:23 Times Seen1 Hash 3440a3debbe231f1be04af1bfd3b0ae0 51dcb8eea513427c403a3433871484383e1f5d7f 10e7ed1d0d46fb5f1dcdd149b06dfdd9c2bc48a88a3987b7e153d99218501899 Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6	344 B	2023-03-07	2024-04-15
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:32 Last Seen2024-04-15 20:09:57 Times Seen945 Hash ad0af34ee472b7311217f496c54f44eb b3e6ecf79b7c84e35862d502cf71141a434a0bdc 5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4 Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 15:34:19 Times Seen68497 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7	830 B	2023-03-07	2024-03-31
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:45 Last Seen2024-03-31 13:37:45 Times Seen94 Hash 4d3b9be4d3227e8879b94c20daea3ba2 486c5b5fd9de759457fb74d44bca35ef5cea26af d05c39d16a7ced23ea1d6930893e848d5554260f91395849dae4470344ff0199 Loading...

	www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:42:00 Times Seen15473 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	2.2 kB	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:23 Times Seen1 Hash 85ed425de6d25fd4d5c640dbb7acbd73 4c1100d98af432707056f34d544cb97639eebdbd 0da8390dc0ef282bbcdfa1d9447c261771ce42f5dbe6c9451fa6cc72130039c3 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6	15 kB	2023-03-07	2024-04-15
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:06 Last Seen2024-04-15 03:50:52 Times Seen135 Hash aa294d7a6febff508aec6691684137c4 fa313b686a1b3d9b80cc5d2063d91969848a142f 97034923921c5b085988d368e84feff2fe422cd0405678f9bcc05270cfa68eaf Loading...

	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/frontend.js?ver=2.0.6	8.4 kB	2023-03-08	2023-08-25
Pretty URL www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/frontend.js?ver=2.0.6 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-08-25 21:42:05 Times Seen5 Hash 71b91df6b1fb9965ee6121046f63d14d 42fbab796bc970eb39649f1db919409fea985d40 0932f7848a3300d72609ce626a9e9cf8080e8add6b9d0614389f833ba6cc0824 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8	16 kB	2023-03-07	2024-03-18
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:41:49 Last Seen2024-03-18 14:23:39 Times Seen52 Hash a586cc49b879664d7cfff48e50dbb52f c90461326ec06a6d9d32c651431efb36dd7dbd86 9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	266 B	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:23 Times Seen1 Hash 7e8f6dc01cdcf5f703c809b63fe81295 8733c5752cdf359320faee3c17ac4b7df0ca4c4e 0aeb14638f016e6cafb52097fe91dcafa6c7c5bbacd06155df4ed828be9f90a8 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js	2.8 kB	2023-03-07	2024-04-18
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:38 Last Seen2024-04-18 10:42:03 Times Seen3371 Hash d5843dbdc71ff8014a5eafd346a262da 127e1d971efab9341db8079f10663dc28e8e0a2f 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	152 B	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-19 12:13:32 Times Seen19849 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8	22 kB	2023-03-07	2024-04-01
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:02 Last Seen2024-04-01 11:39:17 Times Seen206 Hash 11289aa698605cab3300acef620164fc e13ff658c3f1d0b3c5caf6793816ef7eb64dce2e b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db Loading...

	www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 15:34:19 Times Seen31746 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9	31 kB	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:23 Times Seen1 Hash 0c5df04ba4359968c4682e6a7e5108d5 886bc1f3b6cb79c29532999ad97539036c4e2881 9a4f4e90a45250574a92386246673abe09d604221f47be1e9dc01d02dc083e39 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	276 B	2023-03-11	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 23:13:46 Last Seen2023-03-11 23:13:46 Times Seen1 Hash d339841a71f8d867fce1367ec75bb48c ba6116a862c9aa56213a1eff342f8848d6cda8fe a40cbde2f357f1fb331a87d73e4ed53f81c04f34bac81cd36ccb0c4a2096278f Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8	95 kB	2023-03-07	2024-03-19
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:51 Last Seen2024-03-19 16:35:41 Times Seen335 Hash 50c803e1483b1bbb1531fea61f849d98 6643dec32d981aeeda46f85ee130d74f14732bfe 72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8	50 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen12 Hash ab61327c0c8eb87f2bdadffbff396bd0 ec7f3612267e06dd54138a781b20f0a82e1a3d60 fe1f0da2dae044b6dc164d445ff5f64071143a10b007ccf1a0cca155bbb884bf Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 17:33:56 Times Seen36964513 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/js/shortcodes-front.js?ver=6.0.3	1.1 kB	2023-03-08	2023-05-15
Pretty URL www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/js/shortcodes-front.js?ver=6.0.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-05-15 14:15:24 Times Seen3 Hash 0d0e3f6d9cb0c2688d9145fece64aced a9afc1c054c1e7534a0f0659c53d6b94260ff4a9 9486f772ced27a1c4a3b259c6f851d6d26b371e1934c96482e8c3c52f9637deb Loading...

	www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6	9.7 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-19 07:32:30 Times Seen4621 Hash cfb428c02811f0cbe515d5f3dca61de6 e95f8696fbe29a706e66ccf582b36d9bd650ab9f 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	318 B	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:23 Times Seen1 Hash 6515f405c5b24e4e9a430b002d10d519 6b8b01ea8534439dab5447f10ff64963b169b221 fa699de770fb202ddf71026963c941f55f814e30ab2adbca65e4eb6a998d471b Loading...

	s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js	24 kB	2023-03-08	2024-01-21
Pretty URL s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js IP 172.217.21.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen28 Hash 8402562fc1f5d93cb9d018e37e968d63 d3ba546370df99d7c484487f456da976f75b313d 2c61983e521712c88d0253a4b6aab750a63a9722b7efa9b8c2d4ba0e875990a2 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8	43 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:24 Last Seen2024-04-19 10:13:27 Times Seen3024 Hash 777da4aaf5b960636dec0fd4e50ba489 9a94038ccae90e6d2a0f9cb61f79ae7c70320287 e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	9 B	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-19 15:10:39 Times Seen16034 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8	38 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen3 Hash 75a781acf7793dace74872762457dd73 d36c03a4356b221d21070d56b1fd084f3e996dbd 5ea0008cb1650dc71a6c3bda07e5ef8847374e46601d6ffd2a42ee66c7e7d3e3 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3	47 kB	2023-03-08	2023-11-10
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-11-10 15:39:33 Times Seen4 Hash 59514960cf71749a03c204a44345eaca 10f1ec9ca8633c5be2809d479bbd3bc5c57f622d 4dbc244226a30f6c28c384b9fd2c7d21535c58674c9773e6db0bb4b5faf2271e Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	660 B	2023-03-08	2023-11-10
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-11-10 15:39:33 Times Seen17 Hash c66d6364ed7de6f7272dc31ce7b54557 e6eca7fed3c2a0f50683c67903999a734c520acb 39ec494cda5f97d62f0686181392ba3acf6a1298b4845a02a9ce07856cfb6698 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7	15 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen5 Hash 3feaf7e7b9e4ccdb944d4e2840907a5b 65ef77a1ab8e305a6872dc2c0ba3a6f688a98f9e fefff8161269b107e18eb9f9ae30fdc46ca9dcd96ae322c855bbe95b0c01623e Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8	5.0 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen32 Hash e1ede55b9e9b7859a8044e4a7faa616d a557fa257f3c6376d6480c2c919be9f833cfda6d 0192777d238a25bd733dcbf1e16096129fe0015a9220a04ba1baca322000cfe8 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	135 B	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-19 12:13:32 Times Seen26555 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	297 B	2023-03-08	2023-03-11
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-03-11 23:24:24 Times Seen1 Hash dd9b445aeeb4f66edffa14bc9cd76b48 429332b84dcee29fb59d483e6ab72764827b4cda f6e48baf8247cb96f99e7a31b68bab641b1b99e196cd56a8abeccf4dc96d7fa2 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8	746 B	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen10 Hash 6666d96c35eae9133de6698202db6e86 3176ae1c7c58540e408d9eaae8a072fb46f12d83 4e20b50061dbc5b7e11a57354561f02e99b0e2a973cfb01f32343780d0e55e59 Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6	30 kB	2023-03-08	2023-04-18
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2023-04-18 16:48:24 Times Seen3 Hash f15b068837cb703c372f44df2b4c0384 6f3fa3430d7d8dbb1f001d467dec263542eb508b b9fd13679e033836f0d54e3b01fb61077fdf7bf58685a6fc891693d66e873c85 Loading...

	www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6	84 kB	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:42 Last Seen2024-04-18 12:19:00 Times Seen1563 Hash 99cf8430b8d81c268269760118ec31a4 3fec23eeb6e45407f1fa1d38cf1cd3d463dd1f7a 430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d Loading...

	www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7	1.2 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen4 Hash 3305070732801b98f1d11f384ba19014 c2b5348a2b006f2a2343669c8eb2fe2f1bf5c3a6 5a33651183bef3e7839ce9285f0e830c78322c4d7d4062294fd31fe345c6fc3d Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1	1.8 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-19 10:30:00 Times Seen21564 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	85 B	2023-03-07	2024-04-18
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:16 Last Seen2024-04-18 10:01:01 Times Seen504 Hash ffd7213af410914aa94b69c14a9515a5 06f390b471f918bdce35c3d60b633c81c674f033 2b2e4c86ca4da9eac25c15aaed65de5428d4c30b8d308a38e1870d28498c2b18 Loading...

	www.upfarargoa.ro/lvot/?qbot.zip/	2.3 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/lvot/?qbot.zip/ IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-19 11:35:05 Times Seen4790 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

	www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1	2.9 kB	2023-03-07	2024-04-19
Pretty URL www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-19 10:30:00 Times Seen13949 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8	3.1 kB	2023-03-08	2024-01-21
Pretty URL www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8 IP 91.212.66.190 ASN #48837 Sc Alfa Web Srl Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:59:45 Last Seen2024-01-21 12:03:02 Times Seen13 Hash f871c9ac0b45315adf1eb810e12f25db d00cfc8d125f08ee5b227cc62a529b59b7ee7744 28da7cecad28461418089f8aa61188365dd9935932004e6d35f24b729d637ebd Loading...

HTTP Transactions (163)

URL IP Response Size

www.upfarargoa.ro/lvot/?qbot.zip/

91.212.66.190

301 Moved Permanently

249 B

URL HTTP/1.1
www.upfarargoa.ro/lvot/?qbot.zip/
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
249 B (249 bytes)
Hash
c70b6ca8a67e632bd42a799836013a14
b61707f63b8fc942c44afb4ac63488f4e5d92276
dfadf83fc189055ec53548282a6b5f1611cc7f5d808de56aebbb9a59bdbb3820

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 30 Nov 2022 23:26:39 GMT
Server: Apache
Location: https://www.upfarargoa.ro/lvot/?qbot.zip/
Content-Length: 249
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8765
Expires: Thu, 01 Dec 2022 01:52:44 GMT
Date: Wed, 30 Nov 2022 23:26:39 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2678
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:39 GMT
Last-Modified: Wed, 30 Nov 2022 22:42:01 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9392
Expires: Thu, 01 Dec 2022 02:03:11 GMT
Date: Wed, 30 Nov 2022 23:26:39 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 23:18:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 515
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ylE2KAYF6kkDcFONSShPIMiGAlr+jli63I0fqj4pRJmCzJRWAnSDCcyzUEJa/HGR0jpCyVdVOZs=
x-amz-request-id: KHS0KYK41008RVSF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 22:45:24 GMT
age: 2475
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 23:26:39 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.comodoca.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ee7041d1072fe8441f8e5260bdba23c1
d365ebca742777226460d431d9311f69c2b68d25
24012311ddb4600847324657b236fc605c49bd28a622270f541ada28daab84b0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 20:39:35 GMT
Expires: Wed, 07 Dec 2022 20:39:34 GMT
Etag: "d365ebca742777226460d431d9311f69c2b68d25"
Cache-Control: max-age=594174,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77275968eeebb506-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 23:08:56 GMT
cache-control: public,max-age=3600
age: 1063
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2677
Cache-Control: max-age=123888
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Etag: "63871d2b-1d7"
Expires: Fri, 02 Dec 2022 09:51:28 GMT
Last-Modified: Wed, 30 Nov 2022 09:06:51 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

www.upfarargoa.ro/lvot/?qbot.zip/

91.212.66.190

404 Not Found

94 kB

URL HTTP/1.1
www.upfarargoa.ro/lvot/?qbot.zip/
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size
94 kB (94439 bytes)
Hash
4b27fa212828e6de5fc4290dda801982
f36ec92ac52a948ae71f69ad306b8298bf250d02
b6e951a6238afc118992bab641efc8e6e2a463cc818e0971e18b2eddce0db2b2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 23:26:39 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

34.214.17.205

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.214.17.205:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DDHEGTXPFR0JjTQX9Bvq1w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: itebmNwCjFnKH3OwM6xeH3LQpFs=

www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

91.212.66.190

200 OK

19 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (15660)
Size
19 kB (18617 bytes)
Hash
32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.3

54.230.111.71

200 OK

1.7 kB

URL HTTP/2
cdn.linearicons.com/free/1.0.0/icon-font.min.css?ver=6.0.3
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7191)
Size
1.7 kB (1672 bytes)
Hash
0b704046d76bb4d3929be4f7f20472f5
564f70325044cf9834f70d9689463cbfb8a53b71
511ae4f5d6a1803848d68c82cd61d2ad1ed3a1c65037e2cbcf9a7edd2fa6fa5d

HTTP Headers

GET /free/1.0.0/icon-font.min.css?ver=6.0.3 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
content-length: 1672
date: Wed, 07 Sep 2022 12:38:53 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:10 GMT
etag: "0b704046d76bb4d3929be4f7f20472f5"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V8CXSeQRdiTjAL34gmB_X5TUfLpRX8MjJuz90DoNGF2_09Z6F2anNQ==
age: 7296468
X-Firefox-Spdy: h2

cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.3

54.230.111.71

200 OK

519 B

URL HTTP/2
cdn.linearicons.com/free/1.0.0/svgembedder.min.js?ver=6.0.3
IP
54.230.111.71:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (520)
Size
519 B (519 bytes)
Hash
6fb5a1a9925f28916193ddc1d72f9b0d
bdc64cce45bb408f635c2d61ef79061ea1997069
85194f705319dba5c19a61ccf7643ab990e4a699e2927a3d967b62d70ebbea9b

HTTP Headers

GET /free/1.0.0/svgembedder.min.js?ver=6.0.3 HTTP/1.1
Host: cdn.linearicons.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 519
date: Fri, 02 Sep 2022 06:26:21 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
last-modified: Wed, 27 May 2015 16:04:40 GMT
etag: "6fb5a1a9925f28916193ddc1d72f9b0d"
cache-control: max-age=31000000
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pLh9rlLd-U9yIF6Gnji1NbmiYd1IE3LPCvELYjKAogRNxUr3KAY-iQ==
age: 7750819
X-Firefox-Spdy: h2

code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9

69.16.175.42

200 OK

8.1 kB

URL HTTP/2
code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (2363)
Size
8.1 kB (8056 bytes)
Hash
6c82a49e7983d483c0d8a2693d66a17b
6d6deea9c1f9d0b1ded69cc2b82b07d4e8e60952
763ce5616013ac40d27502cb40d92589c5ce9e2a8034692666734ece10671326

HTTP Headers

GET /ui/1.11.4/themes/smoothness/jquery-ui.css?ver=1.1.9 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:40 GMT
content-encoding: gzip
content-length: 8056
content-type: text/css
last-modified: Wed, 16 Feb 2022 10:50:40 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd700-898c"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669850800.dop207.sk1.t,1669850800.cds264.sk1.hn,1669850800.cds262.sk1.c
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3

216.58.207.234

200 OK

63 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (64562)
Size
63 kB (62563 bytes)
Hash
468446a7240461af44b59ebb2047c231
47b7c525dc91bece99df0c414960b9490b986ba8
ae1a0126552472d1e1347ceb8027ed725db3b93fcbc0b39745a92412cc1641a6

HTTP Headers

GET /ajax/libs/jqueryui/1.9.2/jquery-ui.min.js?ver=6.0.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 62563
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:30:35 GMT
expires: Wed, 29 Nov 2023 18:30:35 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 104165
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0

91.212.66.190

200 OK

4.9 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (4933), with no line terminators
Size
4.9 kB (4933 bytes)
Hash
e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.9.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:45 GMT
Accept-Ranges: bytes
Content-Length: 4933
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3

91.212.66.190

200 OK

233 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
233 B (233 bytes)
Hash
29e08a0befe4552f0c4b3daa2da97471
6d99dfae3139ada7a4513b61d53c0f9a3884c0e5
aacbcb221f648fada619139b81efc00b8bd115ec5ddca3de8769361edae1bcc2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/css/loading-animation.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:17 GMT
Accept-Ranges: bytes
Content-Length: 233
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3

91.212.66.190

200 OK

6.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
6.0 kB (5955 bytes)
Hash
b6fdbad7bd5e27dd7c1fe45674e26943
1529dce44d28042d09df915ccf60e9b963787cd6
6fc7e240cedc42494b66fba96e247828d1abe4b5eca89fa4be8dedee7f701df9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/css/fileuploader.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:16 GMT
Accept-Ranges: bytes
Content-Length: 5955
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3

91.212.66.190

200 OK

2.8 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
2.8 kB (2822 bytes)
Hash
1196766031c7b1e905b5082574f1aad9
3e04aee3a3aba63357f32b9243fa137df2f3c83d
7516c6b9d408da446f01171638691c1d2b4fd282c71a0b19093e6ac40cf54e72

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/css/tagit.ui-zendesk.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:18 GMT
Accept-Ranges: bytes
Content-Length: 2822
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6

91.212.66.190

200 OK

3.9 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
3.9 kB (3874 bytes)
Hash
91841e3b0a773c4cfe7b75ca985b26a6
ceb70b32222a821d1f588d84d5170756632f3959
bb0d6bad8dda35bbe5134fbab0750ee9616f4f08bb5df0cc5716af758cbe5997

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:42 GMT
Accept-Ranges: bytes
Content-Length: 3874
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3

91.212.66.190

200 OK

7.4 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (7191)
Size
7.4 kB (7354 bytes)
Hash
ec26292e52e5bc20624b029974bd0adf
3756375bb053b0f3f62303597d844f70cef1b5e0
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/css/linearicons.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 7354
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6

91.212.66.190

200 OK

40 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (781)
Size
40 kB (40393 bytes)
Hash
e7c269103fc6fcc03d38013fa6727a4f
293658b37e374be0e0cb95831f477e5fc24ce2e1
1318b02c6580e7863e955f6079abe35199093d0951fb1e1ef7458d78b9740ef6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/css/frontend-style.css?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:17 GMT
Accept-Ranges: bytes
Content-Length: 40393
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

91.212.66.190

200 OK

89 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (43771)
Size
89 kB (88932 bytes)
Hash
b7915926fe42d76e9c802353ab01dae4
3a8192a4312f25f53de25b100d62829c0f14d67c
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 88932
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7

91.212.66.190

200 OK

9.8 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
9.8 kB (9781 bytes)
Hash
50c45b4c9bf20b3623ca76530534b0bf
460fe47e670fe59ec146c6d0b4e49115f21baf7a
0181265d99a39991feee0b80f12ecf620092ab4fc64de5fe9348a3d0719efca9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/css/share/socicon/style.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:21:51 GMT
Accept-Ranges: bytes
Content-Length: 9781
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7

91.212.66.190

200 OK

21 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (20604)
Size
21 kB (20766 bytes)
Hash
bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/css/font-awesome.min.css?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 20766
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6

91.212.66.190

200 OK

2.7 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
2.7 kB (2731 bytes)
Hash
e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.5.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:05 GMT
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0

91.212.66.190

200 OK

210 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
210 kB (209831 bytes)
Hash
9ed8fcb16418ff477a6c93fe33f86563
47be642692139a2ce63cf655cba31767cb7e8074
3f7c8f55c3c421a6f14efb39bf07abb73d1d244f194e133a2453913330e38819

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.9.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:45 GMT
Accept-Ranges: bytes
Content-Length: 209831
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2705
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:40 GMT
Last-Modified: Wed, 30 Nov 2022 22:41:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6

91.212.66.190

200 OK

1.7 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
1.7 kB (1729 bytes)
Hash
13b1b6672b8cfb0d9ae7f899f1c42875
6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/js/slick/slick.css?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 1729
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9

91.212.66.190

200 OK

59 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
59 kB (58912 bytes)
Hash
7407624bfb90f435e2d96d3191332f99
3bcf6ef1e4e8bb0969be7c7ef9e6fbbd17af7879
b1038ef6b4cc0ebb89dec9680c8e2c0d327ca4ab4f3e87e80003dd5fba350a28

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:38 GMT
Accept-Ranges: bytes
Content-Length: 58912
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1

91.212.66.190

200 OK

36 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (2363)
Size
36 kB (35972 bytes)
Hash
a132ede819bad05cca4164b7aa720043
7c92d0e8b6c8fe4057dfc53252765774870ce71a
3030e6b5c4e92ccf8819b989a6292779ded8a3a60cabf302043f668805ff5107

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/jquery-ui.css?ver=1.12.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 35972
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7

91.212.66.190

200 OK

940 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
940 kB (939512 bytes)
Hash
42ad34099302ea8203016caaff6cc9ea
7494ee5dde8bdb8d963dc8455403751e40ba6043
4e4a5593110f8666192cf25edf7a4999fdff6285ba65a0974fa45ef0eda18067

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/css/share/frontend.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:00 GMT
Accept-Ranges: bytes
Content-Length: 939512
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7

91.212.66.190

200 OK

478 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (325)
Size
478 kB (477887 bytes)
Hash
c5b94b4e1a8c18498ffe3794db7992de
10c0f1dc86af0eaed89692965de7da1be913f2a7
55067fbabab6d637f82a866897829fcd26f4ad320b806b85f5304d7323e1199e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/css/counter/frontend.css?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:59 GMT
Accept-Ranges: bytes
Content-Length: 477887
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6

91.212.66.190

200 OK

3.1 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text
Size
3.1 kB (3149 bytes)
Hash
02473ba3391613484a1a8f4c44e4a5b0
b46d0b036c8a429a249ecedb776b5619e56547ed
69034fe6b34e98e658468c5ecaebf5d831d4bba2e4ba5832a68ec82c1c75d3b7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/js/slick/slick-theme.css?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 3149
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7

91.212.66.190

200 OK

311 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 (with BOM) text
Size
311 kB (310706 bytes)
Hash
6b16298266d790554daba055a4dfe2c2
bdd3233cb1094cc7b5c30dcef0b4eccd1af662cd
eb8ca8ff96e239573a57036b21ef902ca9a089857e666814c5383c8cf097115f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/css/frontend.css?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:21 GMT
Accept-Ranges: bytes
Content-Length: 310706
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6

91.212.66.190

200 OK

30 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
30 kB (30377 bytes)
Hash
ec45594030549520a0f6078ab4c50a30
b0e6c9dcb599f8a597a8064f634c565f0c996d44
a75e982abfa95a04b78613c167469eab8872fa4ad9180bb522fd6bf240449017

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/uab-responsive.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 30377
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3

216.58.207.234

200 OK

5.9 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1398)
Size
5.9 kB (5862 bytes)
Hash
a4c64be3878ceb36796c1a87b3173c3a
37febc085eab2a582388c75954c6b39b3fcebdeb
c3f85a3d153d17f7fb99133915101d9fa1510cf8f1a426fc69875fef78487bb8

HTTP Headers

GET /ajax/libs/jqueryui/1.8.2/themes/smoothness/jquery-ui.css?ver=6.0.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5862
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 06:49:29 GMT
expires: Sat, 25 Nov 2023 06:49:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 491832
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/css; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3

91.212.66.190

200 OK

679 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
679 B (679 bytes)
Hash
795c16c7f09c4bdb4e44be95c52a7cf6
6f3b4bd3323a12a2dcc4732ac4797db73bb82749
bdf851ea5f3ff230b418f731a19433abda875ceea5fc8ccc923a1a66221f12ec

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/fa-solid.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 679
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3

91.212.66.190

200 OK

47 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
47 kB (46999 bytes)
Hash
d63a2485a8deb28a826f6adfcef1f7e0
ecf5f331250fd3829edb3910d57bf2af259be456
b689c434df468c579734961e8632190a5796d94101fabefc8a4f3e8f060ee9b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/fontawesome.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 46999
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3

91.212.66.190

200 OK

663 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
663 B (663 bytes)
Hash
85a3fea53c93538f7e38037c584715fa
513f7cf131d9c1a691dc2fcf64598c70523166d2
97f3f2afe6db3da397c1a0871a73def374284605dea8041798196f954c3f5c31

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/fa-brands.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 663
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3

91.212.66.190

200 OK

686 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
686 B (686 bytes)
Hash
cf5460da8c5c4c3a644090ad828cf4e9
4104dd3cc892c70aae178800554607155620ab55
aef5044b78f9c290bb9ccc3050cd8fa54913ab9d1b8b8fb5e4d04e8ea7196749

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/fa-regular.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 686
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6

91.212.66.190

200 OK

31 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (30819)
Size
31 kB (30982 bytes)
Hash
f1084ded2cf974f6314f2df6f00c53d4
f5224569701f68e04ac1df9da357ccc101e753a5
5cfcdebf8f38725bebe6f58ff39a6d044806bca0220a1e0b7e3257f9ad7392d1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/font-awesome.min.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 30982
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6

91.212.66.190

200 OK

285 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
285 kB (285050 bytes)
Hash
7ce9a3754096c82546beb43da5f849b1
0c29f933903e4c7ea2d0109bf9b76e97f439f054
030da3738554ef3169547aa3e5e4e63e2523620da5c817e3c318ebe8fe8af310

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/css/frontend.css?ver=2.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:40 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:51 GMT
Accept-Ranges: bytes
Content-Length: 285050
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9

91.212.66.190

200 OK

2.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
2.0 kB (1969 bytes)
Hash
e62ed1654c70f13b32f1dab590131c24
e728af2d9159342a54657726885c61f75065675a
9683a4826731a5a762f4850b43f763d92ab8718fe8a59ea5072e727a88f4f74f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/css/jquery.selectbox.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:56 GMT
Accept-Ranges: bytes
Content-Length: 1969
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9

91.212.66.190

200 OK

29 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (28900)
Size
29 kB (29063 bytes)
Hash
4083f5d376eb849a458cc790b53ba080
fb5b49426dee7f1508500e698d1b3c6b04c8fcce
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/css/font-awesome.min.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 29063
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3

91.212.66.190

200 OK

233 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
233 B (233 bytes)
Hash
29e08a0befe4552f0c4b3daa2da97471
6d99dfae3139ada7a4513b61d53c0f9a3884c0e5
aacbcb221f648fada619139b81efc00b8bd115ec5ddca3de8769361edae1bcc2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/css/loading-animation.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:56 GMT
Accept-Ranges: bytes
Content-Length: 233
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3

91.212.66.190

200 OK

6.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
6.0 kB (5955 bytes)
Hash
b6fdbad7bd5e27dd7c1fe45674e26943
1529dce44d28042d09df915ccf60e9b963787cd6
6fc7e240cedc42494b66fba96e247828d1abe4b5eca89fa4be8dedee7f701df9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/css/fileuploader.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 5955
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9

91.212.66.190

200 OK

279 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (444)
Size
279 kB (279426 bytes)
Hash
b2be7f4c92e606c60b512a91baed3d0f
a1a55c37a3a2b6558e65a13b8b36e2db3a3a7e6b
8021bc0e621f2434eae0c5278726a90f3e86cb00343e74abb22b32558a556867

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/css/frontend.css?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:55 GMT
Accept-Ranges: bytes
Content-Length: 279426
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3

91.212.66.190

200 OK

5.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
5.5 kB (5541 bytes)
Hash
d37fccf68a24c0e840de4f158a99b671
9d100fb2eba1709c792e09c6e1b6794c11b25d6e
8e8836fb93e7a6803da6193370c69b88271a0fd2372d86fd115ba2473230158a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/vmagazine-companion/assets/css/shortcodes.css?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:37 GMT
Accept-Ranges: bytes
Content-Length: 5541
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1

91.212.66.190

200 OK

18 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (17809), with no line terminators
Size
18 kB (17809 bytes)
Hash
1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 17809
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1

91.212.66.190

200 OK

63 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size
63 kB (62755 bytes)
Hash
979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 62755
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1

91.212.66.190

200 OK

908 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (907)
Size
908 B (908 bytes)
Hash
6f1ecd534f48422ce13105c7b6776a6a
5530b098a3fea4bde23e9f9ab799f19d4a0fa2ee
22a79f1fbcc70373c7021bae2164d9232d1e9dd3c6a163df9f9f54070e5f6b50

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-list-horizontal/style.min.css?ver=1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:24:35 GMT
Accept-Ranges: bytes
Content-Length: 908
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8

91.212.66.190

200 OK

43 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (42839), with no line terminators
Size
43 kB (42839 bytes)
Hash
f59e3f4c0087b4d8ddc27bdd9c9ab92b
fac9b521062feb5250c04d62128a8c3ddb312632
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.min.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 42839
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8

91.212.66.190

200 OK

26 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (6610), with CRLF line terminators
Size
26 kB (26396 bytes)
Hash
33c2ef757072512b907793263fe84d4c
857df274b776d6d50feb66e37bba55f6e262d468
e9ff3997fd1824b230d5036b291ec38f1ad0dddc91ace74c95bff332a9078339

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/elegant_font/HTML-CSS/style.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 26396
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8

91.212.66.190

200 OK

8.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
8.5 kB (8517 bytes)
Hash
dca27b4a1562d7f98812ae5f9d71932b
0758e33b3821ae3dc248e1ae567098c573e6ab53
0af2c245fcba2be84c64cf74beedd0cddab8c67ceab288ad091cc429a49a65e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/lightslider/lightslider.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 8517
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8

91.212.66.190

200 OK

31 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
31 kB (31004 bytes)
Hash
a0e784c4ca94c271b0338dfb02055be6
88af80502c44cd52ca81ffe7dc7276b7eccb06cf
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 31004
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8

91.212.66.190

200 OK

76 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF, CR line terminators
Size
76 kB (75963 bytes)
Hash
edb77348224c38f9560bf17c2e3d2e6b
7eecfd6ebfab9ad38b1dd780c337360626427641
8621f34021150dff10ae76033fbab2e1e4c9c0840cb0162213425a4b42d2ef54

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/css/animate.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 75963
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8

91.212.66.190

200 OK

20 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (402), with CRLF line terminators
Size
20 kB (20057 bytes)
Hash
5d380f50f8384f73f7f32bb7e244859b
b8cf5b73e264626507a60447b59e32a3924488d7
cb444ba3d0eb341ae27ff4e550228e184ac89b72da014d46e4f252d81ec26c86

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/prettyPhoto/css/prettyPhoto.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 20057
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8

91.212.66.190

200 OK

1.9 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
1.9 kB (1895 bytes)
Hash
b06073c5a23326dcc332b78d42c7290c
64e6c5ff99f14c65752e0322234160f8e83fc6c2
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/slick/slick.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 1895
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8

91.212.66.190

200 OK

3.3 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
3.3 kB (3349 bytes)
Hash
bb4dfbdde8f2a8d4018c1f0293a03483
48124e11e67a0721e4f080d170a111274b44a237
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/slick/slick-theme.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3349
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8

91.212.66.190

200 OK

44 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
44 kB (43848 bytes)
Hash
bd84063774d389eeb27b9f0f4f0fdf0a
4c38aa2a6c05d14db87e26f8cedafec054f60ad3
7e1494d864c525a652b3179defb60ae4f7c7f1c2841dd75592e82b66e6dad6c7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/css/keyboard.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 43848
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

91.212.66.190

200 OK

90 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (65447)
Size
90 kB (89521 bytes)
Hash
02dd5d04add4759122013c5ab4dc5cc2
a45a56e396ac549b4ff39b696ce9e0c16a7612de
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 89521
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/newsletter/style.css?ver=7.4.2

91.212.66.190

200 OK

6.3 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/newsletter/style.css?ver=7.4.2
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
6.3 kB (6282 bytes)
Hash
e82f7c1bf34a75131708b4d9028fd6f1
587555f2d28fd2b15d470116a6e3c322a06e7cc1
ff7cbd7d791c0f01f1b7db211981bb0506701f663e9e41422586b9e625753ba3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/newsletter/style.css?ver=7.4.2 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:06:50 GMT
Accept-Ranges: bytes
Content-Length: 6282
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

91.212.66.190

200 OK

11 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (11126)
Size
11 kB (11224 bytes)
Hash
79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6

91.212.66.190

200 OK

24 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
24 kB (23552 bytes)
Hash
d27a76a9b635a4dcfbbaaed5f55461f5
8b3f3530e3bcc64767f9b32b53d0b9e60881e533
d02eea8c6f61f96111ea6be2f861cd8b4d05ca2ac717be3177aecd9116d552ba

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 23552
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8

91.212.66.190

200 OK

243 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
243 kB (243016 bytes)
Hash
cc94a87e0f8b5f9d7cf91da76d701ae8
be2f0699da53a35f01f11b1792ade8bc06260c23
5c4a0551cf12f0ed16c247949a10cfc4fbff26aaa8c83708ab9790656c3dbd1d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/css/responsive.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 243016
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-content/themes/vmagazine/style.css?ver=1.1.8

91.212.66.190

200 OK

520 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/style.css?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
520 kB (519481 bytes)
Hash
3924f9462585dff7823a5432829fada9
b70ecbb7e95ab26e2f6576b64604bbff766ac0e0
dc7cf16831f8e694eca2530468d81cdd29a66deb9ee45bbc6593dc7497cc55b1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/style.css?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Tue, 09 Mar 2021 19:24:55 GMT
Accept-Ranges: bytes
Content-Length: 519481
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css

www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1

91.212.66.190

200 OK

37 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (36560)
Size
37 kB (36743 bytes)
Hash
24443da3a469ca21411e562a861ec083
14a10995d6efe48ceea5916e218ecf177560352a
2e65f5c3b3b4c402074c19dee3d24d6bc02a8a86b19c8c992a4a6e78b254b2cd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 36743
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

91.212.66.190

200 OK

21 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
21 kB (20715 bytes)
Hash
6aaf0a4e8eac131defea126f5b1b5fbf
24da0326af36303e5a1e9799a3c26f7a1077928c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 20715
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3

91.212.66.190

200 OK

47 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text
Size
47 kB (47269 bytes)
Hash
59514960cf71749a03c204a44345eaca
10f1ec9ca8633c5be2809d479bbd3bc5c57f622d
4dbc244226a30f6c28c384b9fd2c7d21535c58674c9773e6db0bb4b5faf2271e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/js/fileuploader.js?ver=6.0.3 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 47269
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6

91.212.66.190

200 OK

15 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (591)
Size
15 kB (14872 bytes)
Hash
aa294d7a6febff508aec6691684137c4
fa313b686a1b3d9b80cc5d2063d91969848a142f
97034923921c5b085988d368e84feff2fe422cd0405678f9bcc05270cfa68eaf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/js/lightbox.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 14872
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6

91.212.66.190

200 OK

672 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
672 B (672 bytes)
Hash
af6f98a77d3ef9844e547fdbda7b935c
5e1abbc9b44a66bc340249e598a87d0294a9416c
ef9d4a59c3077004cefa3e815ec8135031010d0bc6684cb31d392e2e214298e4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/js/tag-it-custom.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 672
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
7e8cd73c758ca6307b135b3d15ea36e6
41cb1eb686b0415b438c3668decfc314506f62fa
d7a82074159287773979b486cf418424d7c1ed1e55e521d4200cea2a26cebbb5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Last-Modified: Wed, 30 Nov 2022 22:41:35 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
146dac10a93604a686550631e14eefb9
b4af601ce6d515d9ec124938ce626060e0d43099
bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6

91.212.66.190

200 OK

30 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (402)
Size
30 kB (29536 bytes)
Hash
f15b068837cb703c372f44df2b4c0384
6f3fa3430d7d8dbb1f001d467dec263542eb508b
b9fd13679e033836f0d54e3b01fb61077fdf7bf58685a6fc891693d66e873c85

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/js/frontend.js?ver=3.2.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:19 GMT
Accept-Ranges: bytes
Content-Length: 29536
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18353
Expires: Thu, 01 Dec 2022 04:32:34 GMT
Date: Wed, 30 Nov 2022 23:26:41 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg

34.120.237.76

200 OK

2.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.2 kB (2150 bytes)
Hash
995eb3df7ec5507e3392fdb1ca6395b4
9bc2e9039e9340b83ffcfb90e4e2c631a8723e60
4c86fdcd3b338040ea8130ee6a1ed5c3bd66c4dd59fe461f81e5df88a379ebb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9768b9bd-d7a9-4426-a5b2-ea1a71860733.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2150
x-amzn-requestid: 59ef9edf-d9c1-45d0-b084-adf8e2f0738d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cXQcKGPXoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6385fab4-693e8d7d5632d48722e31757;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 12:27:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iO-jUNMNzAM6zHh1oEftgZcW18vxdgaFGpNe4a1WHU97pRMMuHIKaQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 17:51:49 GMT
age: 20092
etag: "9bc2e9039e9340b83ffcfb90e4e2c631a8723e60"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16038 bytes)
Hash
ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 6068
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12655 bytes)
Hash
1039182464db1365a476dd88029b97d8
06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac
2e081da1464a18d755a841558f63303634a9e22df888c9c43246565abfc3d48d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c95c82f-93f9-4783-a6c2-2c737a51d52c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12655
x-amzn-requestid: beeeccd0-a494-4d0c-91e9-0d1e2ab37b6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0YoFmMIAMFT4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdd0-60f5e2286cf3965a42ab31b9;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CiGOvF7Lmz8cICQcjUcE6QGokbAIAd3WClI4PK_aDSxo-yHVcPPA7w==
via: 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:29 GMT
age: 6072
etag: "06b395b4fbad5ad9c9fb6a4fb24c1eee607aa8ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7

91.212.66.190

200 OK

830 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (520)
Size
830 B (830 bytes)
Hash
4d3b9be4d3227e8879b94c20daea3ba2
486c5b5fd9de759457fb74d44bca35ef5cea26af
d05c39d16a7ced23ea1d6930893e848d5554260f91395849dae4470344ff0199

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/js/linearicons.js?ver=3.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:24 GMT
Accept-Ranges: bytes
Content-Length: 830
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12035 bytes)
Hash
acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 6067
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9993 bytes)
Hash
70afa08b7d0b64772b90ae190689e6c1
527cf32104041423176fadd3cfc2120fe63f6bfc
31ebf9decb53b8180922c4b10d0427aba95a802246a5ced8ec368d814a33b843

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2bbca075-74f3-4647-8b00-66430fff5397.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9993
x-amzn-requestid: 7d7febbc-2bdf-44e9-9727-9c56b5bcb138
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1VNFZiIAMFV-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cf54-1f89231026a9b5c467324134;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:47:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qK6AAXX3bqNSjQerE2jNysmMWX6X5j4Mm-MRQfG06YU7YmklFfE3NQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:50:08 GMT
age: 5793
etag: "527cf32104041423176fadd3cfc2120fe63f6bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9459 bytes)
Hash
e1e6b6ba4f82221b41c3d9129008c76d
2f9532d698b4c28df23e18bbb66399ec776d5b9f
218c6f41a16e6087c611d4db5784a7cc1d027084d0bf2bd6dc3843ee5dfd560f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc2b4ec6-0955-4089-983c-0abf7fd13bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9459
x-amzn-requestid: c08f55b2-7ac6-4dec-b53c-fd3f4533f9c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpBiGoHIAMFR2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bba3-69c2c2d05e55fd745caf1dce;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:09:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w_Mb-0pBwp-pUyU2bdJ8MhrGHkk6VQgJmcGV9MfHwj_yGUMIYZkyrg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 10:53:00 GMT
age: 45221
etag: "2f9532d698b4c28df23e18bbb66399ec776d5b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6

91.212.66.190

200 OK

84 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
84 kB (84265 bytes)
Hash
99cf8430b8d81c268269760118ec31a4
3fec23eeb6e45407f1fa1d38cf1cd3d463dd1f7a
430f384b0fc496d9650c747cca458a7eae062530c718aa7a896d99031fbbae8d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/js/slick/slick.js?ver=1.0.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:36 GMT
Accept-Ranges: bytes
Content-Length: 84265
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9

91.212.66.190

200 OK

124 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (42889)
Size
124 kB (124185 bytes)
Hash
e5cd17674ab1e7e8f556707b9e894175
c1b2a4a4f6fde101fc5bb4918c75fe8c2b163eb8
a4aca4b3ad7c3976cfbd935294d071c1e276081e7a8ddeaf030ab5b5e280204d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:39 GMT
Accept-Ranges: bytes
Content-Length: 124185
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9

91.212.66.190

200 OK

47 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text
Size
47 kB (47264 bytes)
Hash
98cde89c7ee02f7e2a40073f28a37944
665e01df8a1134516e829cae8f6d0d26f63aef06
f0dbfe605aac49325f6b34f64a9ff1a12cbcc4e3f6f6df6f77595dd250971c83

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/js/fileuploader.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 47264
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9

91.212.66.190

200 OK

9.3 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (8996)
Size
9.3 kB (9280 bytes)
Hash
adf81ade4d0a8a6934d76b6e47dbb883
d5033b2320d2cc6b8de9b43787cfadb4d2f9245d
91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/js/jquery.selectbox-0.2.min.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 9280
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1

91.212.66.190

200 OK

3.4 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (3233)
Size
3.4 kB (3411 bytes)
Hash
5c38aa6d5b98586ca2ba973ab8b4b6b1
8215983363ea0d74f99368336404b0d27217778f
7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 3411
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9

91.212.66.190

200 OK

338 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (64270)
Size
338 kB (337548 bytes)
Hash
c0783a3a9c443828a8b26ea96bb2c986
3fe1bbcfd0bc7adb1c504a057e9243cdb523c554
387396b35daa1edeab09e949101c7473b855e0c465dcee906f860db9cf2ba1fa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.3.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:23:39 GMT
Accept-Ranges: bytes
Content-Length: 337548
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9

91.212.66.190

200 OK

1.3 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (1090)
Size
1.3 kB (1291 bytes)
Hash
700b877cd3ade98ce6cd4be349d81a5c
c1c36e6927436231eb20474356b29667c4c648aa
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/js/jquery-ui-touchpad.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 1291
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7

91.212.66.190

200 OK

15 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
15 kB (15068 bytes)
Hash
3feaf7e7b9e4ccdb944d4e2840907a5b
65ef77a1ab8e305a6872dc2c0ba3a6f688a98f9e
fefff8161269b107e18eb9f9ae30fdc46ca9dcd96ae322c855bbe95b0c01623e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/js/share/frontend.js?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:04 GMT
Accept-Ranges: bytes
Content-Length: 15068
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9

91.212.66.190

200 OK

31 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (373)
Size
31 kB (31177 bytes)
Hash
0c5df04ba4359968c4682e6a7e5108d5
886bc1f3b6cb79c29532999ad97539036c4e2881
9a4f4e90a45250574a92386246673abe09d604221f47be1e9dc01d02dc083e39

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-form-builder/js/frontend.js?ver=1.1.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:09:01 GMT
Accept-Ranges: bytes
Content-Length: 31177
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7

91.212.66.190

200 OK

1.2 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text
Size
1.2 kB (1179 bytes)
Hash
3305070732801b98f1d11f384ba19014
c2b5348a2b006f2a2343669c8eb2fe2f1bf5c3a6
5a33651183bef3e7839ce9285f0e830c78322c4d7d4062294fd31fe345c6fc3d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/js/counter/frontend.js?ver=2.0.7 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:03 GMT
Accept-Ranges: bytes
Content-Length: 1179
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

91.212.66.190

200 OK

6.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (6475), with no line terminators
Size
6.5 kB (6475 bytes)
Hash
61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 6475
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1

91.212.66.190

200 OK

3.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
3.0 kB (3037 bytes)
Hash
8bc2109ef48cabf7a26b73d7c3536c5f
0e0dfee3a3975eafc3dd55f190d1deb3c6c55d3b
8634aa7a3ac0bc6d359b458c8922e9d3269f64c1355b329bfe215beb12773af8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:12 GMT
Accept-Ranges: bytes
Content-Length: 3037
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1

91.212.66.190

200 OK

9.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (9139)
Size
9.5 kB (9533 bytes)
Hash
87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:14 GMT
Accept-Ranges: bytes
Content-Length: 9533
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

91.212.66.190

200 OK

19 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
19 kB (19142 bytes)
Hash
57459b58fd7665a5e20b2345463df9c9
71c3b177ad1412d5e0b56d99f18bc345148df88b
6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Wed, 02 Nov 2022 08:59:59 GMT
Accept-Ranges: bytes
Content-Length: 19142
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6

91.212.66.190

200 OK

9.7 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document, ASCII text, with very long lines (9720), with no line terminators
Size
9.7 kB (9720 bytes)
Hash
cfb428c02811f0cbe515d5f3dca61de6
e95f8696fbe29a706e66ccf582b36d9bd650ab9f
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:05 GMT
Accept-Ranges: bytes
Content-Length: 9720
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1

91.212.66.190

200 OK

1.8 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (1668)
Size
1.8 kB (1834 bytes)
Hash
d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:15 GMT
Accept-Ranges: bytes
Content-Length: 1834
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1

91.212.66.190

200 OK

2.1 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (2139), with no line terminators
Size
2.1 kB (2139 bytes)
Hash
b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:14 GMT
Accept-Ranges: bytes
Content-Length: 2139
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1

91.212.66.190

200 OK

2.9 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (2938), with no line terminators
Size
2.9 kB (2938 bytes)
Hash
0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:25:12 GMT
Accept-Ranges: bytes
Content-Length: 2938
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8

91.212.66.190

200 OK

3.4 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document, ASCII text, with CRLF line terminators
Size
3.4 kB (3437 bytes)
Hash
c1b7fbe6b1a3b777fddfe187094deb97
498d2b1a5cfd53ce9b320c9ccd7d53ea7b04ffb7
64e9efa2008c5bd0973816eee4eaaf03a2b02f7a1b2f4317318f8711676fa01f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/jquery.fitvids.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3437
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8

91.212.66.190

200 OK

5.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (4890), with CRLF line terminators
Size
5.0 kB (5023 bytes)
Hash
e1ede55b9e9b7859a8044e4a7faa616d
a557fa257f3c6376d6480c2c919be9f833cfda6d
0192777d238a25bd733dcbf1e16096129fe0015a9220a04ba1baca322000cfe8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/lazy-load/jquery.lazy.min.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 5023
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8

91.212.66.190

200 OK

3.1 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
3.1 kB (3089 bytes)
Hash
f871c9ac0b45315adf1eb810e12f25db
d00cfc8d125f08ee5b227cc62a529b59b7ee7744
28da7cecad28461418089f8aa61188365dd9935932004e6d35f24b729d637ebd

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/navigation.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 3089
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8

91.212.66.190

200 OK

95 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (732), with CRLF line terminators
Size
95 kB (95406 bytes)
Hash
50c803e1483b1bbb1531fea61f849d98
6643dec32d981aeeda46f85ee130d74f14732bfe
72f572c5dd07fac37e4163060402399196415573f52a70526f0e8a848bf1cff3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/mCustomScrollbar/jquery.mCustomScrollbar.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 95406
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8

91.212.66.190

200 OK

732 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
732 B (732 bytes)
Hash
4b67b4e4144499d75b62d75b6e8f00da
3bd5055fb6c65f59ee5a4292c8a4d5205d869469
11568a1a7f4ac4e0430f69d6f8a3d47fe874c9d10db8bc24975d28b6745a1e67

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/skip-link-focus-fix.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 732
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8

91.212.66.190

200 OK

16 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
16 kB (16066 bytes)
Hash
a586cc49b879664d7cfff48e50dbb52f
c90461326ec06a6d9d32c651431efb36dd7dbd86
9ab5f1868d663b2fcf356058bfabd23a9a428f29d226fa5ac93cc3269775e01c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/wow.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 16066
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8

91.212.66.190

200 OK

22 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (21223), with CRLF line terminators
Size
22 kB (21512 bytes)
Hash
11289aa698605cab3300acef620164fc
e13ff658c3f1d0b3c5caf6793816ef7eb64dce2e
b649d54062bfbf69d736f62f09317785091dc9a17abffa380289f55f92f4e8db

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/prettyPhoto/js/jquery.prettyPhoto.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 21512
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8

91.212.66.190

200 OK

50 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
50 kB (49958 bytes)
Hash
ab61327c0c8eb87f2bdadffbff396bd0
ec7f3612267e06dd54138a781b20f0a82e1a3d60
fe1f0da2dae044b6dc164d445ff5f64071143a10b007ccf1a0cca155bbb884bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/lightslider/lightslider.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 49958
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8

91.212.66.190

200 OK

746 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (744), with CRLF line terminators
Size
746 B (746 bytes)
Hash
6666d96c35eae9133de6698202db6e86
3176ae1c7c58540e408d9eaae8a072fb46f12d83
4e20b50061dbc5b7e11a57354561f02e99b0e2a973cfb01f32343780d0e55e59

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/iframe-api.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 746
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8

91.212.66.190

200 OK

16 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
16 kB (15879 bytes)
Hash
57fc6833c91389acb956c8655a2e1094
5d2247f0b2ce97ea7fea15c82b19288fcf2b11e1
12a858bafa70df1cb8457f92b0c7663cff6d9121e2e58606596dd3cb21cd70a9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/theia-sticky-sidebar/theia-sticky-sidebar.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 15879
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8

91.212.66.190

200 OK

43 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (42862), with CRLF line terminators
Size
43 kB (42864 bytes)
Hash
777da4aaf5b960636dec0fd4e50ba489
9a94038ccae90e6d2a0f9cb61f79ae7c70320287
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/slick/slick.min.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 42864
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8

91.212.66.190

200 OK

38 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with CRLF line terminators
Size
38 kB (37687 bytes)
Hash
75a781acf7793dace74872762457dd73
d36c03a4356b221d21070d56b1fd084f3e996dbd
5ea0008cb1650dc71a6c3bda07e5ef8847374e46601d6ffd2a42ee66c7e7d3e3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/js/vmagazine-custom.js?ver=1.1.8 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 37687
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6

91.212.66.190

200 OK

344 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (344), with no line terminators
Size
344 B (344 bytes)
Hash
ad0af34ee472b7311217f496c54f44eb
b3e6ecf79b7c84e35862d502cf71141a434a0bdc
5550f904be1dd8825d113db685b9c92507fa0087d414c6a1f64852d62758c0c4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce-multilingual/res/js/front-scripts.min.js?ver=4.12.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:20:23 GMT
Accept-Ranges: bytes
Content-Length: 344
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6

91.212.66.190

200 OK

364 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (364), with no line terminators
Size
364 B (364 bytes)
Hash
ca73d10f3745efeaba4661f371be89f6
cbe4a7eeaa2e03fd5a106dca9d4f5466da51c867
00b55d4c2f81b6b53aa944b364b81ac1e1a3a4f3e94818b14eb270e5f156f24b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce-multilingual/res/js/cart_widget.min.js?ver=4.12.6 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:20:21 GMT
Accept-Ranges: bytes
Content-Length: 364
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/javascript

www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1

91.212.66.190

200 OK

7.0 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
ASCII text, with very long lines (7043), with no line terminators
Size
7.0 kB (7043 bytes)
Hash
456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.3.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:19:42 GMT
Accept-Ranges: bytes
Content-Length: 7043
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2

216.58.207.227

200 OK

10 kB

URL HTTP/2
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 10016, version 1.0\012- data
Size
10 kB (10016 bytes)
Hash
efc008ddacd9f630d61b0717e7864257
8c79a2fe12c7e4d80f053e40540e4544744600a5
c2cd3e005de210fcbb5372b4267c5d3d067e0564f017dd5ccba202d040f820d7

HTTP Headers

GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcABrB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10016
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 14:54:19 GMT
expires: Sun, 26 Nov 2023 14:54:19 GMT
cache-control: public, max-age=31536000
age: 376343
last-modified: Mon, 11 Jul 2022 21:03:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

91.212.66.190

200 OK

77 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/themes/vmagazine/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/themes/vmagazine/assets/library/font-awesome/css/font-awesome.min.css?ver=1.1.8
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 07 Mar 2021 10:50:36 GMT
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: font/woff2

fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2

216.58.207.227

200 OK

3.6 kB

URL HTTP/2
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 3584, version 1.0\012- data
Size
3.6 kB (3584 bytes)
Hash
7eccf02f75bfbff194970989c52836fa
438fd2a5a0cbe42f625cf6171eeded2069b59dc1
34862e0af0a8c1373b9004a435d40f6bce444cb7a97278d883c83b916991413a

HTTP Headers

GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDxrBZQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 3584
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:19:43 GMT
expires: Wed, 29 Nov 2023 18:19:43 GMT
cache-control: public, max-age=31536000
age: 104819
last-modified: Mon, 11 Jul 2022 21:30:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/uploads/2021/03/V_K0486_rev3-01.png

91.212.66.190

200 OK

42 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/uploads/2021/03/V_K0486_rev3-01.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 795 x 93, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42398 bytes)
Hash
108d4bb33e590be13ad97e1dbe8f5301
257cf68cdf5dfe448a5d47cbc9947082d2ec5dd6
5923de353e4ff6e9aa3686c68b48d40f1f97eab712acd71def88fde383f147fd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/03/V_K0486_rev3-01.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:13:24 GMT
Accept-Ranges: bytes
Content-Length: 42398
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png

fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2

216.58.207.227

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28536, version 1.0\012- data
Size
28 kB (28536 bytes)
Hash
f8a83d5e031a65613db5dd69a966669c
6bdefab36241903920f4676dd33e482a2942e25f
0a8e8c6925cf080cbf090022781314535ed8d5cedd92ea088ff3fbc961bf8d43

HTTP Headers

GET /s/arimo/v27/P5sfzZCDf9_T_3cV7NCUECyoxNk37cxcDhrBZQI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:39:02 GMT
expires: Fri, 24 Nov 2023 12:39:02 GMT
cache-control: public, max-age=31536000
age: 557260
last-modified: Mon, 11 Jul 2022 21:13:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:11:08 GMT
expires: Wed, 29 Nov 2023 17:11:08 GMT
cache-control: public, max-age=31536000
age: 108934
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png

91.212.66.190

200 OK

22 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 339 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
22 kB (22078 bytes)
Hash
be7392d11703a4034b28b7659694fc7d
14b7752ccf384326f2c222e1f76e6700820b9680
93449fa4100ee9a1ff642d9bfafc77da1e69ef3103f81d4c4a2c79aa3c777c56

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/03/Logo-UpfarArgoa-72dpi-black-1.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:12:25 GMT
Accept-Ranges: bytes
Content-Length: 22078
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif

91.212.66.190

200 OK

1.9 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
GIF image data, version 89a, 54 x 55\012- data
Size
1.9 kB (1924 bytes)
Hash
b7998fb83f2426a89721ce30d2a7bdc5
10c0299c814242b8e05d65b3c9700b32f78b028a
a41e7043b455f67ca63b6a6ff98f8cb9fda13e7ab3072ad2eb1d18114d0df851

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/images/loading.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:22 GMT
Accept-Ranges: bytes
Content-Length: 1924
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/gif

cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

104.17.25.14

200 OK

1.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2609)
Size
1.0 kB (1046 bytes)
Hash
f56bc0a6837b34f783f73cd70cd9f2c1
a093b6f45674f1cac3ccc35498eb1a5945f7dde9
0c67ee4dc6af2a5a0b020d3e2e5b049720e516bb4faf6b0b60bd96bf3eba1199

HTTP Headers

GET /ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-ad3"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9780367
expires: Mon, 20 Nov 2023 23:26:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=byZmd98zqI4JZDrNLke6ScYKedyr%2B%2F%2B4%2FN7wKiL%2F%2Bl%2BJ4b6LOhgofgvRXpIzlHM4TMRPXmA6atpQK6rXYaeb3xLByyYNyVwy6KJWlxfMVz1ERdbwQadxvUPruVEUPJtTUzXXxFbE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7727597abfbab51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png

91.212.66.190

200 OK

72 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size
72 kB (72516 bytes)
Hash
883d1d9c7242d89bf5f0ebba5514d463
ec8a8dbbd5767cf7f83fb7ca8b72afbaeb31908d
9926c1002ceecdef90b5a23c7a00f14c01c92ed4b2503cf54ec6c40a96a0bde1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/images/round-prof.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:23 GMT
Accept-Ranges: bytes
Content-Length: 72516
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
608e4d04a251ebcd51660e801f388303
fcb9aa48fd6ed504a1a9fed7990c5ccde63e6a1d
cc1a34cd0a99e301df97cf184ab0ded2e229659f86f43e4eff479dee221695dc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif

91.212.66.190

200 OK

673 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
GIF image data, version 89a, 16 x 16\012- data
Size
673 B (673 bytes)
Hash
6f22eac466d2feb96593175f8c441723
cf35638529b05c5690ab2f926e0e2bb1af32bf06
437ed22e00631100ee0a753f3c544d85069ad55d88b60e5d3e54e2fe311c929d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-social-pro/images/share/ajax-loader.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:16:01 GMT
Accept-Ranges: bytes
Content-Length: 673
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/gif

s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js

172.217.21.174

200 OK

8.8 kB

URL HTTP/2
s.ytimg.com/yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js
IP
172.217.21.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (631)
Size
8.8 kB (8763 bytes)
Hash
fdb31e90c509ac6256972808ae01436d
b50792717191fac50badc564d28eeda9c8d4be10
697874af8dd908409f2f906fbbd3907ef75dc988934fd4bdaf844afc31c6f33b

HTTP Headers

GET /yts/jsbin/www-widgetapi-vfl9r3s0R/www-widgetapi.js HTTP/1.1
Host: s.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: https://www.youtube.com
content-length: 8763
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:37:25 GMT
expires: Wed, 07 Dec 2022 07:37:25 GMT
cache-control: public, max-age=691200
last-modified: Wed, 13 Jul 2016 18:57:42 GMT
content-type: text/javascript
age: 143357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png

91.212.66.190

200 OK

511 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 484 x 392, 8-bit/color RGBA, non-interlaced\012- data
Size
511 kB (511337 bytes)
Hash
06d6a4e07cbc3dd2ce3ad758a80889f4
c487cd54756205852be6c6faf9b8924bc7ac4899
2ed7fa5a8b500ebca87ff4296f5aab6594f0da88eb58a85ff7863c6bc3b1a44e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-instagram-feed-pro/images/popup-image.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:07:23 GMT
Accept-Ranges: bytes
Content-Length: 511337
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png

91.212.66.190

200 OK

9.3 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 300 x 132, 8-bit gray+alpha, non-interlaced\012- data
Size
9.3 kB (9316 bytes)
Hash
6f33ad22593dccfeb478b399e06222d8
671a520f67f741243dace98a6b1cbc717fc38c06
9ec8cca54373884ac72fb6a2b014779dc6994dfbba25259b3092b1d0bb9be0fd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/08/Logo-UpfarArgoa-72dpi-black-1024x573-2-300x132.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:13:40 GMT
Accept-Ranges: bytes
Content-Length: 9316
Keep-Alive: timeout=5, max=80
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd528f6c2c45e38c52095a73a9cd8c68
dca2df874a830edac932136d474453c18d933024
4c7e75aaccb4b74e227ada3b56829f52cb7f14ad05454f7bd6eccf3e94185218

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 23:26:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png

91.212.66.190

200 OK

1.4 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1360 bytes)
Hash
84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/prev.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:44 GMT
Accept-Ranges: bytes
Content-Length: 1360
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png

91.212.66.190

200 OK

1.4 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1350 bytes)
Hash
31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/next.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 1350
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif

91.212.66.190

200 OK

8.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
GIF image data, version 89a, 32 x 32\012- data
Size
8.5 kB (8476 bytes)
Hash
2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/loading.gif HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 8476
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: image/gif

www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png

91.212.66.190

200 OK

280 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 27 x 27, 8-bit colormap, non-interlaced\012- data
Size
280 B (280 bytes)
Hash
d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/accesspress-anonymous-post-pro/lightbox/img/close.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/wp-content/plugins/accesspress-anonymous-post-pro/lightbox/css/lightbox.css?ver=3.2.6
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:15:43 GMT
Accept-Ranges: bytes
Content-Length: 280
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12ef30d526ddf69306f141dbd5a35cbc
c642b249d097aa2cc1042c6c3732afb2c7cc46a6
b505d1a52ea128e3815a0cb48ebbe849693643618865107d2f55d4b7723e6138

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B505D1A52EA128E3815A0CB48EBBE849693643618865107D2F55D4B7723E6138"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5028
Expires: Thu, 01 Dec 2022 00:50:30 GMT
Date: Wed, 30 Nov 2022 23:26:42 GMT
Connection: keep-alive

accesspressthemes.com/import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg

192.254.190.152

404 Not Found

462 B

URL HTTP/2
accesspressthemes.com/import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg
IP
192.254.190.152:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
462 B (462 bytes)
Hash
3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648

HTTP Headers

GET /import/vmagazine/wp-content/uploads/2018/04/averie-woodard-111823-unsplash-1.jpg HTTP/1.1
Host: accesspressthemes.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
last-modified: Mon, 07 Oct 2019 13:59:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 462
content-type: text/html
date: Wed, 30 Nov 2022 23:26:42 GMT
server: Apache
X-Firefox-Spdy: h2

www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png

91.212.66.190

200 OK

28 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
28 kB (27831 bytes)
Hash
220fbeb6bdcfaec412c2e936a0c2d88d
59fd328103e4f937aff2238f07518d3e48b36b5a
d314f3145fd5c4aa50df3521d2efa8078e79c81aee6bc32be3f4df9042a4dfeb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-192x192.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:43 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:11:47 GMT
Accept-Ranges: bytes
Content-Length: 27831
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png

91.212.66.190

200 OK

2.5 kB

URL HTTP/1.1
www.upfarargoa.ro/wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.5 kB (2482 bytes)
Hash
0364cb52864ed329f467cd7f12231f39
02ec5211451d5f563869301f1ad8272e53d39ad2
6b44b1e7d1496bab1f3add37718f61c79a6d88faa7aa354d2c9d03060b5311f8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/03/cropped-V_K0486_rev-012-2-32x32.png HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:43 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:11:47 GMT
Accept-Ranges: bytes
Content-Length: 2482
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/png

www.upfarargoa.ro/?wc-ajax=get_refreshed_fragments

91.212.66.190

200 OK

285 B

URL HTTP/1.1
www.upfarargoa.ro/?wc-ajax=get_refreshed_fragments
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type
JSON data\012- , ASCII text, with no line terminators
Size
285 B (285 bytes)
Hash
714179c89e269d693e9764c47935e8f3
d052e4a6e9050186e482648073df45610f82c734
655704410bac0feb36e7ceea5862ef5bc5f6b8f40eee2e78256de71b2ed0e20f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://www.upfarargoa.ro
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Pragma: no-cache
Access-Control-Allow-Origin: https://www.upfarargoa.ro
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Robots-Tag: noindex
Keep-Alive: timeout=5, max=79
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/json; charset=UTF-8

www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1

91.212.66.190

200 OK

0 B

URL HTTP/1.1
www.upfarargoa.ro/wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed

HTTP Headers

GET /wp-content/plugins/ultimate-author-box/js/jquery-ui.js?ver=1.12.1 HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 23:26:41 GMT
Server: Apache
Last-Modified: Sun, 26 Jun 2022 22:08:53 GMT
Accept-Ranges: bytes
Content-Length: 520714
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript

fonts.googleapis.com/css?family=Arimo&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Arimo&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Arimo&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Amatic+SC%7CCrafty+Girls%7CItalianno%7CGreat+Vibes%7CSchoolbell%7COswald%7CLato%7CMontserrat%7CDroid+Sans%7CPoppins%7CVarela+Round&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:40 GMT
date: Wed, 30 Nov 2022 23:26:40 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A400%2C300%2C500%2C700%2C900%2C100&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:41 GMT
date: Wed, 30 Nov 2022 23:26:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=2.0.7

188.114.99.234

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/latest/css/font-awesome.min.css?ver=2.0.7
IP
188.114.99.234:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/latest/css/font-awesome.min.css?ver=2.0.7 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 30 Nov 2022 23:26:40 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:56 GMT
cdn-cachedat: 2021-06-08 02:11:52
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a598449d49cc560d4528aee3606858c
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 15293417
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 772759717b4cb4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A400%2C600%2C700%2C400italic%2C300%7CPoppins%3A300%2C400%2C500%2C600%2C700%7CMontserrat%3A300%2C300i%2C400%2C800%2C800i%7CLato%3A300%2C400%2C700%2C900&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.upfarargoa.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 30 Nov 2022 23:26:41 GMT
date: Wed, 30 Nov 2022 23:26:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.upfarargoa.ro/lvot/?qbot.zip/

91.212.66.190

404 Not Found

0 B

URL HTTP/1.1
www.upfarargoa.ro/lvot/?qbot.zip/
IP
91.212.66.190:0
ASN
#48837 Sc Alfa Web Srl

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed

HTTP Headers

GET /lvot/?qbot.zip/ HTTP/1.1
Host: www.upfarargoa.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.upfarargoa.ro/lvot/?qbot.zip/
Cookie: PHPSESSID=a1e16d87547e93ed86ab682b2cbe4f38
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Date: Wed, 30 Nov 2022 23:26:42 GMT
Server: Apache
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (60)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations