swst.pk/vup/index.php?QBOT.zip
116.202.117.165 301 Moved Permanently 0 B URL HTTP/1.1 swst.pk/vup/index.php?QBOT.zip
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /vup/index.php?QBOT.zip HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://swst.pk/vup/?QBOT.zip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2991
Expires: Tue, 06 Dec 2022 22:46:36 GMT
Date: Tue, 06 Dec 2022 21:56:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 905
Cache-Control: max-age=132578
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:45 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:46:23 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9747
Expires: Wed, 07 Dec 2022 00:39:12 GMT
Date: Tue, 06 Dec 2022 21:56:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 21:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2179
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YvPRYdCKRnccX/LYE6QBTj1GAQByE11cISEP+mpsF/EGa5JwgFTUwBPzFdHwUSHCFmAufLhtBe8=
x-amz-request-id: TD88KE0SMNM8VTBD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 21:49:07 GMT
age: 458
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
swst.pk/vup/?QBOT.zip
116.202.117.165 404 Not Found 20 kB IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash af653402ebbf964e54ad1c28c1d7bc59
c5eed8236048579d03dc9cbb34fffa44f1e05836
652a5e7a1311bc3558d205d018d329d132d81e56441cfc863618126f2e832923
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /vup/?QBOT.zip HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://swst.pk/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip
swst.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
116.202.117.165 200 OK 13 kB URL HTTP/1.1 swst.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (47826)
Hash 564ad59aa0cce5971f8b524dcba938da
6897bb88d119424de6f73a573ace204aed5be582
fe9dafe92d3b0d07334ff80a3b5f3bf513a21e137ce9a8e7638cc664ebb0f918
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 16 Nov 2022 01:28:28 GMT
Expires: Thu, 05 Jan 2023 21:56:45 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17
116.202.117.165 200 OK 4.9 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (29253), with no line terminators
Hash 81bc37890f6630341f48e7d995afa362
15e86394c3e2d77fbf9a1f24924db633e688e17b
2429ccfca73aee772156d9cbfb5128c9bb124e92d134f7586ca510ea1900c2f9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
116.202.117.165 200 OK 815 B URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2630), with no line terminators
Hash b5232ad2af14898800c8f5109c15b526
1865c0f3df3d48f0ec2ca9acbc3c8ed3a9d6a70e
dfb458381d56ddad9b6d8f376146fd8e208d5d6f988857d2ec6564d7a0206d87
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
116.202.117.165 200 OK 7.0 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30429)
Hash 535f43d0d7222eddfc56e57911a110a1
510a593f2ca41320c9ddf6a7fc79b38f4254169d
2f927aa6603e0e057b7598a7e4426b78e2256e369a29f68b15f96a7e455661e2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/css/classic-themes.min.css?ver=1
116.202.117.165 200 OK 217 B URL HTTP/1.1 swst.pk/wp-includes/css/classic-themes.min.css?ver=1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 13:45:16 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
swst.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
116.202.117.165 200 OK 13 kB URL HTTP/1.1 swst.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 0772c7a51019bfc117208874b3d4007f
9b1a368c890b1834d0bbc5e739639addaeee750e
8e41787b96ed4cc4174b7df7a4f58c00b279bd3cf6a6a3b6cfc883d8fc36163f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5
116.202.117.165 200 OK 9.0 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (62497), with no line terminators
Hash 90478b4133e72b2052f725a974854d52
53f46f616014a8f12705a9ba6864ff0b0b983064
9760288ad53bd57c00faeb66734367f085a468cb4603e2990be14bef7698ea85
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4
116.202.117.165 200 OK 323 B URL HTTP/1.1 swst.pk/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash b24c24b7da3ffeed6ae8ade102a4d317
c4445b3977ce704b927508108e100213eea67a3c
5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:48 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
116.202.117.165 200 OK 3.5 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (16591)
Hash a636bf9c541bd5fe4d42fdbc3e12962e
089722e93afdad497524ee2bbe7ae3bc46540d5b
ba39483319a134071c47bc0f669efa1317b2ea1529e44d4fedc8a938d5f8f67e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:32 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13
116.202.117.165 200 OK 2.6 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10019)
Hash c42d43078a3ff558042b6ec80c66a086
fd8951772644a8b4c30111eb74f33fff40d4e095
050daa68d90726ceafd44b1eb12565fea6845bb17cce63464effd28199a0df61
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:32 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13
116.202.117.165 200 OK 539 B URL HTTP/1.1 swst.pk/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3815)
Hash 39d7f6d797721025aa1fba29a86e0503
5b4b108c0f954583940adb1da9c1a908b178adfd
13fcc7a727db90e299059abc4f3bd0d1b2a50de54e4652ca0bf9a7f5887f541a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/uploads/elementor/css/post-5196.css?ver=1605268344
116.202.117.165 200 OK 383 B URL HTTP/1.1 swst.pk/wp-content/uploads/elementor/css/post-5196.css?ver=1605268344
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1079), with no line terminators
Hash 0abe83c6a456f5a27926f33169456626
31be000f2137cfbfdf21c1608d0bb09c4a48542b
2889c266753abc2914a4183eea0eb955874593adff32c21b83e0419cd5bce6d1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-5196.css?ver=1605268344 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:52:24 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13
116.202.117.165 200 OK 16 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65496)
Hash 01bd40f4612abd5e23a7342702a249e9
c44b891977aa5284dd6c906b52432051f2b6bbb6
3e858aa8696d51ca544b1043a568a9b5c53dee5ff60e2d15255e854336aba643
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1
116.202.117.165 200 OK 320 B URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (719), with no line terminators
Hash 2f3096ad27c72c366ea88e7b4cd5db16
d15daf472ad88926e1f88951b0bfe9487bf84709
dc8e5555288852d1b250fde3068e28d937d93d9b28725d7ce5013cd4a4bb3b26
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/uploads/elementor/css/global.css?ver=1605268346
116.202.117.165 200 OK 8.0 kB URL HTTP/1.1 swst.pk/wp-content/uploads/elementor/css/global.css?ver=1605268346
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (35345)
Hash 43079c2f304d977badeb8ee6a628dddd
ec32a254cda2d44d9504fcf074fb7abcffa4a004
b7dcae09af1bc859bf12ea18317627f1c1c1ce3b2ab7525e721fab2e191862c1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1605268346 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:52:26 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1
116.202.117.165 200 OK 1.9 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9152), with no line terminators
Hash aad27d49f86182432343908c6931f8fd
931283ac10e192740aadf8cd7834fcdba017f1e7
f516baf214b445575d3a6c1e8fac09675dd386c747af264c0fc2ff572215c8a2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0
116.202.117.165 200 OK 8.5 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 2f4ee04b3774422333bf7d9141c2be7c
151d2b8f31cb0617ba5496ee2fc40add0fd3899e
603908cd933b396d27341de6a8e5247e3a150793a82f6ff5ad7f010c0733297f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1
116.202.117.165 200 OK 1.2 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash 7d9f45b74e5e680178073b3d6839bba2
fb52d0a47e1655c4d381f30b25667aeecee6c638
e0b02e3f5c12338601024e482383dc149a8e8e3682aa7980b847ef1cda3d0a6b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3
116.202.117.165 200 OK 24 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65492)
Hash 5f2028d46cf492c7685ea1bef585e152
4fb2b529582828a0ce50a8fbbdacda02f40c3665
02039614932eb27e537cc51a3d9ba8aa7ff02b29589f1f66b1e2bc0a6013bef2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:11:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7
116.202.117.165 200 OK 4.4 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (18899), with CRLF line terminators
Hash 51d18af186051926f3a5eb5170e2a439
54786fb9065a311ee499a7a680c5dd08e78497c3
e010aae994148e2c2b085686a922bdfad59a204f9880cb0efbb4b3b5f8133694
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0
116.202.117.165 200 OK 8.3 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (50638), with CRLF line terminators
Hash 70c7b46ffb54f4c1b1392dbe644c874c
805a92d8b93c889b6bfdca65afafed0933b1a503
ac954926c2eaaa0607088cd57e9f292555bdf96d77b85860eb751607b8c16fcb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0
116.202.117.165 200 OK 4.0 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (21391), with no line terminators
Hash ab07225d1684743fd49d68c46b94e496
b2d88613bcf4748944500bd9f2628d269cbe582c
3d74e7ded6208dde8d39a99a45c68e10c2a0cf0db46a8284258e17a7a4f7f2e1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
116.202.117.165 200 OK 7.1 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (30837)
Hash fbf6bad5215fa073a01630bd9e7343d8
fae9ee44d246bb7cfcc59ae22b1205eb594fafeb
91c2faf1819676a2c2cd09118e0ac817716c2bcd9c70a42ffcc9337381c7e467
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:36 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 2868
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
swst.pk/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0
116.202.117.165 200 OK 369 B URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash a680dfa71d4cd5f64cde4ea733eacb40
794e9eb0ee75e119ab9251d7563de1e071ce831e
6580d6604055a2d7ba7edbcb7a187d0d45db416632383e975c2e4be4d7ca8095
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:01 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128
116.202.117.165 200 OK 690 B URL HTTP/1.1 swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 98b2680ed1022c042d5e8841b77a258a
650acfb93c6c738a6668ec1c58f25df69c93dd9c
1d0e551788fc80573d9f0b58050112046be7fa3dbffd9dd353ef258ef36feceb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
116.202.117.165 200 OK 13 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (64512), with no line terminators
Hash 1a3d82192f66d1d631ee1f90b2df6085
6e493f86923f6fc57a9086154f163d0e3d9f1b27
a7a2cf1afb4a63e1e7b4797e63f0e88ea968481ed5b437e22ce720c4c4580e98
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1
116.202.117.165 200 OK 3.0 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (27540), with no line terminators
Hash 694324dca1b449657522841da4e2e111
5f5cc6df6d744f013ebc5160ae4acb252d5bdcbc
1cbb35f0416f20626d6b038e7db3ce7cbf50f2c8e8008018cf2aae125efde0e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1
116.202.117.165 200 OK 25 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 53c83680182f83195cd09eb7265bf0c4
5a0ed0deafa747f501456bbd330c0b3badf4c60d
594a76f4d7d8e639bec8c237bee0fd56278f783743928bbb16209529f424df18
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
116.202.117.165 200 OK 5.3 kB URL HTTP/1.1 swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11126)
Hash b20806c6cf41eac93384afa0800ab43d
787183a143b065209dee3e1336e96950c4c93a3d
c0ca3ffd8d3010714794071c2aee77b55173d6bd6f07bbeb109f8b0d9762dcb4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/style.css?ver=20200406
116.202.117.165 200 OK 97 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/style.css?ver=20200406
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash 49655ad6af0d0dd221a6f60c5293eaa9
caf17f8144106d283822190aad63dea464e3a676
18630b7e37fe6ee628212de06c2cfae0bd00a25f2a9d1ac5e53bb70ca1359860
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/style.css?ver=20200406 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Jun 2020 09:57:20 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1
116.202.117.165 200 OK 50 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Hash d26e3494476c5c5a91fcb9e90f8a8ca8
3af2442c4144671db0f4d42a917ec74822a1d463
6d6c488e852f091cce0c3fed17cffad652b27a73a7dc91876487b4ec8d7ad6d5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2
116.202.117.165 200 OK 3.8 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10045), with CRLF line terminators
Hash 180ee9acc082f335d797aed6009f7a8b
3b91d68d3c22e088c50da0dd993fb359c155a626
2e6333b3aa125046b06ca86ec818e1138d589b50235a483c68ae6d915be7e446
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
116.202.117.165 200 OK 32 kB URL HTTP/1.1 swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash ff0d7f07ef76a392400312902cd42aa9
7e5e63646a65555f96034f660d0d6c768f90a27b
f3fac241275ef66b16a5869ea26dd16fb3e2288db206b5794359271fa8e71b5b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 14:16:24 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0
116.202.117.165 200 OK 1.0 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2967), with no line terminators
Hash e37c5e8790c5699d7026a423d6e77395
604744989f1400965501a317eb4cb3ae8895a653
54d1d7ecfe6c87652156de743ea7cb9d69d37a30bfbff4438af80c35e96bf9dd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:10 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15
116.202.117.165 200 OK 47 kB URL HTTP/1.1 swst.pk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (41022), with CRLF line terminators
Hash 5c2216b29b8de01de37eceb584937cf5
95dc5735e73c01369b4ed9ce2e9f042b13bfc5fa
c158ea00df978d9bf819e6d75f533ebe436ce7102f0fadce151320a0cf8b7105
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
116.202.117.165 200 OK 731 B URL HTTP/1.1 swst.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Hash b247669db7403333299fe4363a8449d0
0eb9ab9df4925f4fba4aa7e495e1d7665d262c22
5f1d64d1e426cacf5ee0cbf2468a990076aacfb92c7fcf4a7c9f42c9398274bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:43 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0
116.202.117.165 200 OK 18 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 4a99d04e7bc06b526d17100882e55542
c36242e5baf8a371bb8a7b04ac8c8420801665de
4082965d759b9a9487d3c50b7c4bb304814b8e75fbf550f01722004a3e4a9247
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:09 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
116.202.117.165 200 OK 84 kB URL HTTP/1.1 swst.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (56675)
Hash 33c675e2cacfe810f81b1b953f8a373c
292ae2cd331fde4e2e7d0351eaf5d67a25acc48e
00ee237eeba337dd03e8147151116b8f71f7d93ed99d34f1e7c0112c19741bd7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
116.202.117.165 200 OK 5.2 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17895)
Hash 4b2c125af94e1865f6827c13b3f4bb06
5189f96d11caba2c452889bbf4c4a77fc3ad4809
b2db2d946338598877a5fe97c1e1b2503389bd20155f2d960484a44dedd7136c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:42 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17
116.202.117.165 200 OK 7.8 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (25938), with no line terminators
Hash 46e6bbc5a50494f1016a4799bcb773f5
65a76eb3cf2ec5f09a99125c041f4bc470b3140f
4a9176502c66e9e44d785dd532f515e17e98ee3f3c27094fbd52cc8288aa8f10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:42 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
116.202.117.165 200 OK 5.2 kB URL HTTP/1.1 swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2237)
Hash ffd6ec6cb9a44a98edc8cc0e52f7f584
4ab20e8e7607f000bc9b38fa98cc3b3241d1983c
0afb214c244dc22b87e497bb7efc223a9c0435f143bc87c064e60813b617dbdb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:43 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B
IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
116.202.117.165 200 OK 4.7 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (11409)
Hash 28931529b9842cb5de2768b7d7a2585a
c6b0e3899c054b909e9898b4164874401942a13c
410b90d38291f0c208b22f14eb8f37e71f43332160a96883d8dd88eeb8e8d975
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
116.202.117.165 200 OK 2.1 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3917)
Hash 49d3236ff88deb75369e1473ba2ac254
453dd1b359273b7b29c01a1de44fe92be9c26d18
30431493a0603c9700ebb87069036de0f3c43d0c67f8bec2f6aa367bdab2602a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5
116.202.117.165 200 OK 2.2 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (5275), with no line terminators
Hash 59adebbb456c68c4b60769ce1fc5fedb
3ad10ef54752d395b6e07a571a7a7b3a2696c214
5da8d3a4228bd4d46eaab32c5a321a1d86a12e66d2afe0aa92729e7917eeea51
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3
116.202.117.165 200 OK 2.5 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6765), with no line terminators
Hash 4e542f9e277c14049c79312f00ef83a9
1af142c109d1c2739c6649729b6c2b3c88d8869f
eda6d3f511939cb834177fb27bf197f0d3909681cf0666e697217247b20b6629
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5
116.202.117.165 200 OK 2.0 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4284), with no line terminators
Hash d22cf01b3512b7c5474b030977e5c6f8
123f0eda0390679958453cb74331448b6fc70c99
089f6400f733fc7d621444143e06db85665027eb4547ae275ae04af7dcd585d7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5
116.202.117.165 200 OK 2.2 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5176), with no line terminators
Hash 4cefcc2929b96895998537f5bf1dd5b7
a88e01dcc738a3eb1a37f147585775abb610c99c
5c65ac0eb127246e6c7647252fdae7d9871dda6bfda2bec7e015cfebaae6281e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
116.202.117.165 200 OK 5.9 kB URL HTTP/1.1 swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (14064)
Hash b5156338d2255a45340697e5d805987c
bdef7906fa8a51ff0262c7599bd781e97c272f4f
229eece0b7ee37d0c1701fc794d0ae54e725c141769b77f2f5ab3f13eac98f5f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
116.202.117.165 200 OK 7.1 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (23829), with no line terminators
Hash af32b5d801333e79b7a1712ac9c7fc9a
5760af3f26ccf1540b1df12e6037acd14ebe8a1f
19141cda875a772c1690726b5e14c7f13a4791348c3367973f75be41e6d5e353
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1
116.202.117.165 200 OK 1.9 kB URL HTTP/1.1 swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3628)
Hash 3608aa0fca0839bc80bb309ea80e1af7
fdd07576d8a4d8970bfaf977b30fce70895526c6
623dc4805d4629c86f1064b2f95c7bad2d94ed35e279fb28a50782d183e37e50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 20 Sep 2022 03:52:10 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4
116.202.117.165 200 OK 8.5 kB URL HTTP/1.1 swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (21035)
Hash dd44d3e70872b78b98a158bd3d15f82d
0198d8cba351c8520a4b0cd05c9affc76723a89e
f16d67630e8c4894e3cfc0fa8e74fce16edfd8864b2e92408043dfefdf0c65bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5
116.202.117.165 200 OK 4.8 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (15833), with no line terminators
Hash d7e395ef6b94a5593684211ae49bfa9a
401325791b0a24b5c9c51c33517ce4db24c21d11
2f299f79c1d88f9f649ab9adb416e2e1c72b6a19883c8a60f03ae93265750dd7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
116.202.117.165 200 OK 8.3 kB URL HTTP/1.1 swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (10426)
Hash daa8e634af0617edc95bb87c2f0d3987
c87d19defdaf46a9ee5aa91204132d10318c44df
9f330f13dc1d55da09cfd0393da10c71aaa7ba82e03f0e51c9b106bf3d760d72
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 23 Sep 2022 19:55:30 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
116.202.117.165 200 OK 3.4 kB URL HTTP/1.1 swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (8241)
Hash d970bbe33d3364bd5fef93a03be2b4b9
1a9c196944863cfbd1a34903043ea1118aa456ce
1b8306e7fe7f351a906985dbc841791b6c87fe3d9567a8a42ed5d3e693115693
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 18:04:09 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0
116.202.117.165 200 OK 2.5 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (2237), with CRLF line terminators
Hash 24f840a91bfec70fbe2c49f9cf0c78ea
02e11da6f4f84c4e4cdd4eca973710a732c566ea
24e3b28e6c82c52ce27b1468159f3a37fdf2357d817d751027d7d452754a43cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7
116.202.117.165 200 OK 2.5 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5546), with CRLF line terminators
Hash 429f6e8f84b94fbf50c944875c068846
a358fca7f60bae3c3bb5bf5a3e3edb1fe3a7d3c6
0478289ad9d6c34f71ce56757ea1f84ffc7672c9ff9aa5c5117231091abc3b48
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0
116.202.117.165 200 OK 2.3 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4427), with CRLF line terminators
Hash 6bd1826474710229455382e2896881d5
e69fc321dc78c75b56df2745d1401e49fd237fac
70063fc1a572d2e148273a1c1eeef8c19d4d479c5f5d39a3f155666aa57c2314
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0
116.202.117.165 200 OK 1.7 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2248), with CRLF line terminators
Hash c0b5b9c082e314e6ae4fb7089d6974df
4a0cf119d573af21a1a365f23ff5f2d44782ca44
299538d876ed139674ff87bd628f156dfefd47dbf9078d223c4085fa53ad1460
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Nov 2018 11:22:22 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0
116.202.117.165 200 OK 2.1 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2237), with CRLF line terminators
Hash 3b1466903df5c94da3cbae7a82b0b2c7
15094a838e176ed9177f06e0dee38f60ea365401
7c8b0a1678dea142b2586baaf604043591cd149874c7f1bbd8b5d0d37a995ba3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0
116.202.117.165 200 OK 1.6 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2248), with CRLF line terminators
Hash e08c13b417d52d29dfaa2755ebfa3fac
56b382056e4c68a7183b9dd473c04b5b808e4485
b71a8dbf8a4fc5f614bd343d2b216d3ca4e18b2783cedf4d159adb965bf45994
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8
116.202.117.165 200 OK 2.9 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6580), with no line terminators
Hash 259465341899ecd5e323a32879d22dc7
7ad046204c816d770d3b8ca6f3cbd935f001a7b0
a8c4f011bada70c14a77b60008278312e787164dd042c0bdfbf688fb6e849952
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 20 May 2019 09:17:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0
116.202.117.165 200 OK 4.8 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2237), with CRLF line terminators
Hash 9d7e7f1fbf200ee92414e64856ddfb40
f93ba71575b6d24bb2ec725a42f28ab18ba4f008
a7811f4aa3b4159e1ab2d9df25c627aabba4ebd82395ed5131ae00bf7bc602fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0
116.202.117.165 200 OK 8.6 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (16017), with no line terminators
Hash 10bdb65620db437be3438c16a56c09d8
062809f44a990e783a3cf62b1e4c1fae97c6da85
aefd3b1b6f7b324a3fe783daa2c7c5b339e8ee5f5286b95cbb3d1bb548be1ca9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Apr 2019 11:22:06 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0
116.202.117.165 200 OK 12 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (32076), with CRLF line terminators
Hash 4186e944555f3e73f1df530de58913ef
6ebc3bbff73189863e93709c7d74916386240411
f5367bbdbafb4073825bd5eaec8c05d72c3de54a1d7174c6803b502120d4bf87
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406
116.202.117.165 200 OK 14 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (56762), with no line terminators
Hash 2bdda99b68ccc5e49cc171537a6a8071
a94630e6201688cb032cb3ef7a37471354ef640d
4cd16f81ef784076b6aed006511c547c9a82d9213df10db96ac87ba7420ff792
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/js/scripts.min.js?ver=20200406 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Jun 2020 09:56:56 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0
116.202.117.165 200 OK 1.7 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2241), with CRLF line terminators
Hash e0c984c1b0ab7c5aa86aeef43b20fc11
4c3ce1d0beec6c67f3651ceff1ff247895e1c8b0
3cb7fa02dac2d96f3a8b77892f5b0b9b59992f2dffea42c563e0849ada3e339b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:01 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1
116.202.117.165 200 OK 1.3 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2262)
Hash 54cbcc60b107257f3f134db3e180d29c
264f495ba3cf0897baf0d30eb0bb273421d27c00
9af563c5e661d8fc5aa22912429a8411b3fee7f2edca966485f12ac15321091e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1
116.202.117.165 200 OK 3.9 kB URL HTTP/1.1 swst.pk/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6806)
Hash e7bc76527b4b4be33221fc237ba724b0
b0c95ffc815fa726b70dfc0de8ed9d79985c8bb1
45e5376e00e6f67c4116d93570badc2879197b77dc699f4fbc12de22f99bcf63
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Sep 2020 14:33:45 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 873
Cache-Control: max-age=127477
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:21:23 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
116.202.117.165 200 OK 2.4 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4831)
Hash e581065d2dadb3d4a870396385876ad7
a2cecc3290c13df268a10f49b0fce0c1567b40fd
62b10e33df2426a52c283b6bc4ccd7ce434a1762e9b134c21e421e3955f35ce7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:03 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2
116.202.117.165 200 OK 7.8 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (25097), with no line terminators
Hash c59ab7b5325ca4dc560222be7d8a6171
db4e4780d3fecf2e3b0521a0e39cf286e8816ab1
f8cf872425ff723b00336b051ae143bc641e2861e72d01b5e4d1cce21b3b33c2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5
116.202.117.165 200 OK 3.1 kB URL HTTP/1.1 swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (8584), with no line terminators
Hash 1cc3e7a4561af0d00fbb4011d4d4ef7b
049f2216b8faebe072833eff52036b71f0658720
abf2f92243575513306f4c84e2d353f3b2fba65cd0b4882f037fd64cfbd8bc04
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-180634366-1
142.250.74.40 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-180634366-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash fd4f030ec02159f8fb2d1a9923b4c7a4
7e2107068e98d3e38bbe4e63289fbd3537b5bbc5
aeb064930ae42245fac0895dde23f541dddee0304e3c4322cb56d7dd180ad80b
GET /gtag/js?id=UA-180634366-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 21:56:46 GMT
expires: Tue, 06 Dec 2022 21:56:46 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1
116.202.117.165 200 OK 40 kB URL HTTP/1.1 swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 125fc1eea5dc01e62eb58800c99839ae
309376be229b5a541e799e1277b043503d8318c5
199baa762baef1e0ba93d76499f4819789dccf39887de1126ab146313fa7cefe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127
116.202.117.165 200 OK 2.4 kB URL HTTP/1.1 swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2250), with CRLF line terminators
Hash 268cab67a70d9408d642687246adf0e2
53a5a0c42dc6dfd9ec94867646e246e0041351b3
cf9ad5b099f0078fab200241bfaf787ce66fd506103df07889251d8687431bd7
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
116.202.117.165 200 OK 23 kB URL HTTP/1.1 swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 22964, version 1.1\012- data
Hash a2e6d71a4a7082029a062cd82d214011
e7c8fcd96128c47c376c9192e679693a1547c2ee
ad209b4b6cc3615d34001da3fd1de3d4b5a421203514f2fa6a98ea1bff6abe4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 22964
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
116.202.117.165 200 OK 24 kB URL HTTP/1.1 swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 23808, version 1.1\012- data
Hash 1fa436680c42d6bd29b2d6e654ee2239
2e42440706e225cc019c7aba0fe995f57c39fb1e
832873b163018ac574cead07ad681fa86ef9d0d9ec146351c1061c92e1261bdd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 23808
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
116.202.117.165 200 OK 24 kB URL HTTP/1.1 swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 23956, version 1.1\012- data
Hash e25084cb1d1bf79f37ffaa8224ee501a
e7293f8746e5093404d2a18fbf90d16604163104
65be5347bdd9751d68645b82167e4e76eb54e1aacfd4a7506e0403d53accceed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 23956
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
swst.pk/wp-content/themes/martfury/fonts/ElegantIcons.woff
116.202.117.165 200 OK 64 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/fonts/ElegantIcons.woff
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, CFF, length 63664, version 1.0\012- data
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/fonts/ElegantIcons.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 63664
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f15dd69f37711a6c578b1bc9d4e741d3
37b5eb7c7aaf58e9753735db959a4e5257e6d6c8
f0fe6b34a83e271cf596b31b153e23cef94f86629975bbac4232d6c19cfa063c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0FE6B34A83E271CF596B31B153E23CEF94F86629975BBAC4232D6C19CFA063C"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 07 Dec 2022 03:56:35 GMT
Date: Tue, 06 Dec 2022 21:56:46 GMT
Connection: keep-alive
push.services.mozilla.com/
54.191.251.76 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.251.76:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sQb8H/tQ3/2hl/CsebvwqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YkHHrQNNgpuivLndIXES/VDvPRo=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type gzip compressed data, max compression\012- data
Hash fe73cbe4ac50f4a880edf0d831f70f02
02f836b69c4f55d827e295a4fe5e51b85e30d51a
e11ece371f9d1f0bb3f40bc311e90b88af98cd25b6568c2573abab017d271637
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 84818
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 86011
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
swst.pk/wp-content/uploads/2021/06/Final-02-e1624137226362.png
116.202.117.165 200 OK 125 kB URL HTTP/2 swst.pk/wp-content/uploads/2021/06/Final-02-e1624137226362.png
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 2380 x 2360, 8-bit/color RGBA, non-interlaced\012- data
Size 125 kB (125334 bytes)
Hash fadd70326ebde92969a87cddb7dc5f41
4e8b5d64be7cbac61c326b458eff9262169214c7
05d3f7384b202e1d7246abe2132db5efeda496ba19f2eb78b10ecb918d3157c9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/06/Final-02-e1624137226362.png HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:46 GMT
content-type: image/png
content-length: 125334
last-modified: Sat, 19 Jun 2021 21:13:47 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 84864
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cO5j7BIPh3GSOUqKDYYY2qmG6__Hn2XB9lFhhYT_WpOXya-9TTGtgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:24 GMT
age: 84863
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 84865
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
swst.pk/wp-content/themes/martfury/images/bg-404.jpg
116.202.117.165 200 OK 8.7 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/images/bg-404.jpg
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/images/bg-404.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: image/jpeg
Content-Length: 62911
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
swst.pk/?wc-ajax=get_refreshed_fragments
116.202.117.165 200 OK 479 B URL HTTP/1.1 swst.pk/?wc-ajax=get_refreshed_fragments
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type JSON data\012- HTML document, ASCII text, with very long lines (1115), with no line terminators
Hash f57c5e5171bb70deffc6c67f447afde2
f44871ebae43ab42279eb35aa7774524452d39be
5c3866a88257b46ac69e421e2e1202d6514125b6dbeedde7b51da2a4cf840976
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://swst.pk
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:47 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Server-Powered-By: Engintron
Content-Encoding: gzip
swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg
116.202.117.165 200 OK 10 kB URL HTTP/2 swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash bf735c447cffde0effd1fe3a1920781b
c37fe7a0d149907c6f07c1337ff66a46bd399c8c
84b462c662e596454ba7a3a31916dca39f2f93958d15dbca84a31a751d5ddaa8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:47 GMT
content-type: image/jpeg
content-length: 10046
last-modified: Sat, 17 Oct 2020 22:16:21 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:47 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg
116.202.117.165 200 OK 4.0 kB URL HTTP/2 swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Hash 222e56f1590cc392cf370b33541e195d
63e472c7869242114c7865bd20a2af6275a049fb
9084ef99332e469e9c1965f96b7044cd9cafbb841b7df9123f2bb15f4509303e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:47 GMT
content-type: image/jpeg
content-length: 3992
last-modified: Sat, 17 Oct 2020 22:16:21 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:47 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 20:46:55 GMT
expires: Tue, 06 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 4192
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B
IP 142.250.74.131:0
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068
142.250.74.14 200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068
IP 142.250.74.14:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://swst.pk
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://swst.pk
date: Tue, 06 Dec 2022 21:56:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
swst.pk/wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa
116.202.117.165 200 OK 453 kB URL HTTP/1.1 swst.pk/wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 452632, version 2.0\012- data
Size 453 kB (452632 bytes)
Hash e21aa688dd6a3491257d2576009073b8
33fc6ff96474c728ec9de00d5ad1b798aec5b0ec
f321ac856aecf0735227b9c47710b0cb755af1a35aec4d97212070a121b35df2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 452632
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SxFdluOKQmnZA8pW576X9B4b3d4MIWehMY_pbAs52EuR8KfQvlWAPA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:38:54 GMT
age: 1079
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4
116.202.117.165 200 OK 0 B URL HTTP/1.1 swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 116.202.117.165:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip