Report - swst.pk/vup/index.php?QBOT.zip

Report Overview

Submitted URL
swst.pk/vup/index.php?QBOT.zip
IP
116.202.117.165
ASN
#24940 Hetzner Online GmbH
Submitted
2022-12-06 21:56:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
344

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	54.191.251.76
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	70 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.131
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	44 kB	142.250.74.40
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	21 kB	142.250.74.14
swst.pk	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	30 kB	1.5 MB	116.202.117.165
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	95.101.11.115
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	796 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed
2022-12-06	medium	swst.pk	Sinkholed

JavaScript (58)

	URL	Size	First Seen	Last Seen
	unknown	0 B	2023-03-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 16:12:03 Times Seen37411196 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5	5.3 kB	2023-03-08	2023-06-16
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-06-16 22:27:43 Times Seen3 Hash 746a2c1a6992fdd47fc0662f542f5907 c6c5b61095f0fa6db1b56dc8a543dab3a51990ff 45f6f2ab2f408754c29a3c2b15c133aac47035031003312834331208b97caaa9 Loading...

	swst.pk/vup/?QBOT.zip	294 B	2023-03-08	2023-03-08
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 94874f802cf0f17baabf7af68ff2d94e 756d81c2c11c3f08da35bb9887d108525fa94f49 6a4123a87aa1d2f506b2fd07ed175afe0d3ade5fe117a6cae5fc20bbb365e355 Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4	4.1 kB	2023-03-07	2023-06-16
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:19 Last Seen2023-06-16 22:27:43 Times Seen4 Hash 4f73a582acb970c19ca77d039c8459d9 f98da5155d03fcc9a85ba0e36e5882b25f123608 c9b7757ffdf2143521c27aef317a950bb1486099d16e691da497857f3467e3ca Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0	3.3 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 57bfc35de682c60bdd15b04885183bb4 725da3856df1310410727332356521268f7596e2 19d7f8506061d49e65a3b3e5b78bb0f374f1cce39da8ae92e01bafb82242c624 Loading...

	swst.pk/vup/?QBOT.zip	101 B	2023-03-08	2023-03-11
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:11:07 Times Seen1 Hash 8a9818341659d2efb7712151431ae35b 67d0a767b5a3912fce646b6e027e2069080c57cb 86bb04a4644100287093bb90aa08b722505819e8868fb21790ba6646fe6d7fed Loading...

	swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21	14 kB	2023-03-08	2023-03-11
Pretty URL swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 19:18:08 Times Seen1 Hash 5c0984f644fbdbd0786e40016da9d1da 770ff9a29d1044b48621ad49ea77b47235bc3913 9a869194c97117368f5037574d944503928f276173ab78fa57080cec2dc73ed4 Loading...

	swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4	21 kB	2023-03-08	2023-07-20
Pretty URL swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-07-20 04:39:13 Times Seen15 Hash 89fa07a00678e961e3b1d64001dce625 5902ff2eeac0e5f079cb538c31d3e04feb3072de 43683f09735812261841c1ae4596b37b64f0239cf1b7520f32c8d62705c7303a Loading...

	swst.pk/vup/?QBOT.zip	435 B	2023-03-07	2024-05-07
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-07 14:17:29 Times Seen2590 Hash 6d3fb02f90526fa664994848db387966 c81a52e84890c563a53c76fa62f38eb27175dccf 14e5b45ae7259f0ae964f80435cdf3869ec8b673e1b70ce3737d5f62131bb468 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0	4.5 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash f2f5b55d6d513a08bb826175b4dfb6b5 b3dde104db1342f2c67c98fc04b75c043885136e 3ff240c9d29c320577e2e3707da42293b421171496f25994e21536c6e3e59211 Loading...

	swst.pk/vup/?QBOT.zip	96 B	2023-03-07	2024-05-07
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-05-07 14:17:29 Times Seen10736 Hash eb3a538fd2a39c22198e72c3b9f498a7 c966ebdbd2701a0980a85671126664f3892d4f1e ac233233e7bcaf806041b243578fab081dced8a045d9a82756410da9ea2382a1 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0	16 kB	2023-03-08	2023-03-12
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-12 14:23:35 Times Seen1 Hash 86a4dc75d32dc3340258082baab59099 616d855856c1734e4f19a174288dfbd98edc47d4 0f8c29aedc80fa41b0e26fa106ed9dcf16029933b5136138d1777e94d463cc66 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0	44 kB	2023-03-08	2023-05-10
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-05-10 13:13:15 Times Seen3 Hash 6370e8305a711010c9c70cc59d289523 abe65421548bf59c39266011e0fb40a85ac9c2f2 73e438560a6abc8bc60532dc9d186bdfe8902ad3dbfaf584a44a4da9b745c740 Loading...

	swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	18 kB	2023-03-08	2023-03-11
Pretty URL swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:14:56 Times Seen1 Hash 69dfc456abf97f3894f59f98e2115655 cdcea37ec64b41f438ec868207ce3e8725ba920a ff82bb66dde6098ac9ff89a1cea77e8672338ca5cbee1275ae9513109c08752a Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0	14 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash c020a1713435805bc9fd258a9e22a7e7 1a5a9c17342a399a16add45b9eea735362048d48 b00aa6c9e305d56209c71f19d9fd27c51a8776371cbceb632fe41a90d498350e Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5	4.3 kB	2023-03-08	2023-06-16
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-06-16 22:27:43 Times Seen4 Hash ed94af117ab0638061b774b4c72eeaba ad029f19971c2745886c6f5625977684c9806c33 26441e31843fd4bd00d97cd05d51cd78fdaf09017951f35e62385e3612b3ad83 Loading...

	swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1	3.7 kB	2023-03-08	2023-07-20
Pretty URL swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-07-20 04:39:13 Times Seen12 Hash 8cda454d20f05e9af2cad30a6882538b c50c5379afcbe2156eb12bbea0e9edf8c7e6a63f f7c41ef545eda41afbd6d3115bfa109bf94e47735f3c277841732f90f629ed88 Loading...

	swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2	16 kB	2023-03-08	2023-04-17
Pretty URL swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-04-17 06:21:02 Times Seen3 Hash f9179d81f51cc77bb06ed380ded1c00b f264a8a38408b873793c48977a40a99ba84d604e ea57ffa411503d4b646a68f511356461e53836e9863553b2c5e3c8e217e46163 Loading...

	swst.pk/vup/?QBOT.zip	2.5 kB	2023-03-07	2023-07-20
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:33 Last Seen2023-07-20 04:39:11 Times Seen3 Hash 4fca1343baa29c65e92c416836ce8f2b 025ab55f3165c85f635b939fb474a7bf52aafbca a58fc2ae2975cab9ea44945292e3c8f0187ceb0cc9094d6745540adb0aaa42d8 Loading...

	swst.pk/vup/?QBOT.zip	250 B	2023-03-08	2023-03-11
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:11:07 Times Seen1 Hash 2baf1aa8730d0e9a4672ce69844995fd fb46cbfce957354ee3ad95e32ae5831045f9e6d1 bcaf853687730873dbeb1e18cff37dccccdf2e0ac0254b5a8484cf942b9207fc Loading...

	swst.pk/vup/?QBOT.zip	135 B	2023-03-07	2024-05-07
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-05-07 14:17:29 Times Seen26749 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	swst.pk/vup/?QBOT.zip	56 B	2023-03-07	2024-02-05
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-02-05 08:57:55 Times Seen57 Hash bec664c911065f083807e947796fca7d cf41adeb4376f72935d41e919ee3dff225921561 99b412b0deeaaad22f7776b9350b121e2c0ee1c6f6a34bda4340018b034275a3 Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	24 kB	2023-03-08	2023-03-11
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:14:56 Times Seen1 Hash 2a1c22a953cde767f3d9fb9dae4c422a 42278d72d5a3129fa5b9f580114962a76bb418f1 29de5a698d229588c118feddec7f5a13fb9432f61f368a6f0399fdd17b20e147 Loading...

	swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2	8.4 kB	2023-03-08	2023-03-13
Pretty URL swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-13 15:11:27 Times Seen1 Hash 1d059f8ba52759067697cdf78a80c7c8 7189808152207965d12b07e4c4ec74c44db0cbc3 88c26ecfdc9d3d71a9159a88eb02cfe6ca17f0d7b99c7eaf68a44f63122d90d8 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0	5.5 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 65a283fe7802985953f6df59c34b0e0c 019a999828840b58059b827cd29c2b21ad1eddce fc0c7cd5f5a3049f80e1fc6897775ab477d1e0d670f0fea6e3c3de1a22db1675 Loading...

	swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0	3.7 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 59095c94a0279eb892b15feb4a75795d 1abb9d3896f4fc9ed4e35654d7bdceb2150f6a51 d773b50510a787491383207efc8975300624fde1c62bbbb44945663eb5a2f1dd Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70	12 kB	2023-03-07	2023-06-16
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:19 Last Seen2023-06-16 22:27:43 Times Seen4 Hash a685c15e27b4ad37861e5414bc3b75ad 86036409d57bde75d70c7c44d2c33e425e1901ee d4dbb3d47233873962f4111b316bbe91c61cfddb32d16bdc2eba646b1cf42349 Loading...

	swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3	6.8 kB	2023-03-08	2023-03-11
Pretty URL swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:14:55 Times Seen1 Hash 81acd0483fe87462fe669b7245eb9250 d8ead544d754bc88d7b418a59ebc79cdae24163f 6091beee2ba50a8c2d41e3e116e7a1dcbc367017b442ccac6055a992490bbdba Loading...

	swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4	7.9 kB	2023-03-07	2023-07-20
Pretty URL swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:44 Last Seen2023-07-20 04:39:13 Times Seen13 Hash bb4a3d6225826916cac7b21613369997 953a8b418d6b270dbcb2fd8479438ad555306072 6357d9eea91ccde9ebd6e8b5b3598827552af209d63fe27fc9eeabe17d28ba3d Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2	25 kB	2023-03-07	2023-03-08
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:25:58 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 02261fcfe90adb1322804642735da56b 77c3d75316cfb2fac6e4986b2d8f38c09a24aefc e3989daf7a8c5a083089029bbb4aeb9d1136338a7dad2df899fbff679f6c0f47 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-05 19:10:17 Times Seen1641 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2	10 kB	2023-03-08	2023-03-11
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:29:23 Last Seen2023-03-11 23:01:03 Times Seen1 Hash 0d6ba30859c65d9a7b7073ab9cee2a3a 889998838b55b05b2c935e208d480752fac7aea2 15282fe4027fd8d266e25654edb82b2ecb0c4a8323d353bfbacf49baee193908 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7	5.6 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash bc543cd9af71184e094f19f9b53e77af 2f983d22b61a6d773ee5137a4ea8d06cf3b4ee09 65aefbdf439567db780c44bf1bb3c01214bdd166212d69426695640bbde9c69a Loading...

	swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406	57 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash b90b95cfc31c50c2b565f78e0f8a2df5 2de91c16084fad157c96c3c578991c032fc16ea8 71edc25b255f265a77d4e5e7d16eeb0afdeac184777a1f5e462ab2df3dffed02 Loading...

	swst.pk/vup/?QBOT.zip	125 B	2023-03-07	2024-05-03
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-05-03 14:40:28 Times Seen105 Hash cfbdae0d607812a121f1f366bbfffaef 73958c3e1b31c0158ed7b0db49ada57d15e0b2a8 736c7236fa3005770ea9ba709878f5a013159ea3dda32ce624dab41b774f4b40 Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21	4.9 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 1fead379e71745034f2d2af4c9b63163 b0b98e470a02a0e4309034691cdd294e433d87a3 10191ff9cd1fc397596133c47f5f4ef51848dad8d03ff65703a510061bed5c19 Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0	3.8 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 6d3b26963d92f004ac8495c426241e42 37778fc0810632a598347fd23c587c10d058e0b7 1f768dc0787311519f09492561e8e59534570b5c81ca8aedc00f72c3d06c65e3 Loading...

	swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5	5.2 kB	2023-03-08	2023-06-16
Pretty URL swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-06-16 22:27:43 Times Seen3 Hash 7e571eeea42d7c3e98a5cc07b23be542 f0721798545c4c141e4a89789724ff66cbd39d3b b05c4ca109e2478e8a767b18f7af5828c5156b3dde2efe11e4bf0deee0d440d6 Loading...

	swst.pk/vup/?QBOT.zip	538 B	2023-03-08	2023-03-08
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash c055f2ee89ed69cbd944ad755a75866c 655b8f0d21c22ee4804ce72fb20104381f8cdc0b 10e035cdeb3b34f00f9f2fcbdf5104ab1467e991885d73cebc51293e8c830562 Loading...

	swst.pk/vup/?QBOT.zip	2.6 kB	2023-03-07	2023-07-20
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:33 Last Seen2023-07-20 04:39:11 Times Seen3 Hash 82f1b12c704dff071da17b8f69d5242a 2fe2fa0ac07cd1b8898197755bf1e9e030aefe36 3aac951fdd665453576c5ff2f3288a203f81f4ee1fba57a7402ceb89d33eb9ef Loading...

	swst.pk/vup/?QBOT.zip	124 B	2023-03-07	2024-05-07
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:23 Last Seen2024-05-07 01:32:22 Times Seen1867 Hash bac1516825f021e09b3030700974ae69 56554bb8f07d7105342b215b5e74c581fca4755f 0e93aa5f748928796ac89a237d4cb79f42ba9305d54f695c947daf58b0576b07 Loading...

	swst.pk/vup/?QBOT.zip	1.1 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 0e9c6f22545d8cc4c0476c89ab902082 28111ddd538af3b896852a1e892d3f652b4815a7 a750cff0e3c0e021237114fc61391da5372c8e4104567d4c2d5b6e2eceeffd8d Loading...

	swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127	6.2 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 4720bb099b32a885078a7bd7e7fe4a2a baada2f46735db3333c1f75999222d4695187005 cff6cfbcd2eb92ca81f6836cbae77df3ccbb50a506f1e39deef7e07dd359e4cf Loading...

	swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1	133 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 434300e06bab3ff713e17f78de797c11 649cb2a37dda4953f0d83177bda9e4ba563af79f 247ffcbfca4fda332325e0a2e625e473797afdc862818c1f853a316089404260 Loading...

	swst.pk/vup/?QBOT.zip	2.3 kB	2023-03-07	2024-05-07
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-05-07 14:57:53 Times Seen4817 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

	swst.pk/vup/?QBOT.zip	160 B	2023-03-08	2023-03-11
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:11:07 Times Seen1 Hash 3b019f8a676ca59a665dd592ee235492 b4b5e5a6d74a985a82ed16ac088673df3b47a4b5 10f0cb68465cee32dc7994e60417c119f58f21b942f625b5fc1b93a0f7e7780d Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0	4.4 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash bd6e0ef0c22a43b8163c3f729dea832f ebe72d13950c0f767b65285b5d199724208f7b3b cd6e4d3de0868f2af12de582615105e4eb5268dd40e001b0a1fb2b34eb7af7cf Loading...

	swst.pk/vup/?QBOT.zip	557 B	2023-03-07	2024-04-25
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:17:54 Last Seen2024-04-25 03:35:14 Times Seen31 Hash 51c654a7efbadc2887ff7894e64f9a33 3a2ff31ceefb8847546af83704e7cb2e022e4844 8c9a6f367f5b0449206db878afad63d48d77ffcb39af3d27778944edd7ab9a8f Loading...

	swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	14 kB	2023-03-07	2023-09-20
Pretty URL swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:33 Last Seen2023-09-20 20:48:50 Times Seen51 Hash 728fe9a41eb1921a02b6b7dcba3648ca 5a695a12e73a7874f5d273ead2d5b775788b929f a71ee879cf80d36f1858f3b7a081ca1493bb3fe88014d8b435434f91b927269f Loading...

	swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17	26 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 245d87e0d0dbc8ef6df268a53803a65e 82dd40233b89c57885a709580f207cda2348dfa5 79d7c60ae33dd4e5f8616a6eaacdcb558c9cbc6371410fd33f08d8073f5fad52 Loading...

	swst.pk/vup/?QBOT.zip	636 B	2023-03-08	2023-03-08
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 3306011fc04569febeb1bde903058d1f 754575ee5deedc96fa856c1be1ace2dc17b3e221 202a008723a805b7772a2a5f0f1d3ad866ef1fc455f31a064c120bdd0e40f1f2 Loading...

	swst.pk/vup/?QBOT.zip	96 B	2023-03-07	2024-05-06
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-05-06 22:33:38 Times Seen3575 Hash d8772bfb2ec7dec5262a932766aa1669 8440292e305868d90f6f15a3ea6975a3b9774f43 c19c2ee1fc048012374a6d75c822daf9b7c0d4ebef7ab8df1ab22b229a00d012 Loading...

	swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	92 kB	2023-03-08	2023-07-20
Pretty URL swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:37:25 Last Seen2023-07-20 04:39:13 Times Seen29 Hash e231cbc3d355998d6ceea44d87e46596 eaec0553b54e3785a9d5c4083fed4c7fe63d4473 5d92075a333fd130ab14a88cb118502add35524a313b882bd83aa362c7436d28 Loading...

	swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	24 kB	2023-03-08	2023-07-20
Pretty URL swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:20:25 Last Seen2023-07-20 04:39:13 Times Seen17 Hash 00ce14153394846cf407f0bf9aca815b 263a687f5ae5a323a27e0e3c511c6a6eeb021382 153f444954dfbd8a8d6260e99e98e4d921f07cfbcc209ef9bf86f32ec213924e Loading...

	swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8	6.6 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 02a40666e52ab9baf8656460cff69c4e fcc720e074dc37c2dabbee44860c6c91a3e46d20 793aaed089173b27b755db1ab43f6186d31287232bc9a91cdaaecef6a344db24 Loading...

	swst.pk/vup/?QBOT.zip	155 B	2023-03-08	2023-03-11
Pretty URL swst.pk/vup/?QBOT.zip IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-11 14:11:07 Times Seen1 Hash 0bb10b7510a2a2da5d25182060a522a0 14ab63d97bd436640b94b813db20473b3cca8fa6 ca32124cc989b0b5970f8183b98215c83d9234e87d8570fe86c55187f8edb3d4 Loading...

	www.googletagmanager.com/gtag/js?id=UA-180634366-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-180634366-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 0b0c93b5009aea4335f14f5fb59e2952 1277891249c5ff3fefea3becaf8be2693c6eb0ea bb471c3c837da22b7e78cf9409ada3e1a0377b484a047c3c00a6f67b43557138 Loading...

	swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1	2.3 kB	2023-03-08	2023-03-08
Pretty URL swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1 IP 116.202.117.165 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:30:43 Last Seen2023-03-08 20:30:43 Times Seen1 Hash 61d2de4010e090241908fc6fd3e545fe 011174f9acbb30a657770d61bf3826e53ab59b00 8e405d19de218aa1c96997bfbfe28d49684061a5aeb63eea3969daa56b2978c9 Loading...

HTTP Transactions (117)

URL IP Response Size

swst.pk/vup/index.php?QBOT.zip

116.202.117.165

301 Moved Permanently

0 B

URL HTTP/1.1
swst.pk/vup/index.php?QBOT.zip
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /vup/index.php?QBOT.zip HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Location: http://swst.pk/vup/?QBOT.zip
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2991
Expires: Tue, 06 Dec 2022 22:46:36 GMT
Date: Tue, 06 Dec 2022 21:56:45 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 905
Cache-Control: max-age=132578
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:45 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 10:46:23 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9747
Expires: Wed, 07 Dec 2022 00:39:12 GMT
Date: Tue, 06 Dec 2022 21:56:45 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 21:20:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2179
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: YvPRYdCKRnccX/LYE6QBTj1GAQByE11cISEP+mpsF/EGa5JwgFTUwBPzFdHwUSHCFmAufLhtBe8=
x-amz-request-id: TD88KE0SMNM8VTBD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 21:49:07 GMT
age: 458
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

swst.pk/vup/?QBOT.zip

116.202.117.165

404 Not Found

20 kB

URL HTTP/1.1
swst.pk/vup/?QBOT.zip
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
20 kB (19854 bytes)
Hash
af653402ebbf964e54ad1c28c1d7bc59
c5eed8236048579d03dc9cbb34fffa44f1e05836
652a5e7a1311bc3558d205d018d329d132d81e56441cfc863618126f2e832923

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /vup/?QBOT.zip HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://swst.pk/wp-json/>; rel="https://api.w.org/"
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Encoding: gzip

swst.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

116.202.117.165

200 OK

13 kB

URL HTTP/1.1
swst.pk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (47826)
Size
13 kB (12895 bytes)
Hash
564ad59aa0cce5971f8b524dcba938da
6897bb88d119424de6f73a573ace204aed5be582
fe9dafe92d3b0d07334ff80a3b5f3bf513a21e137ce9a8e7638cc664ebb0f918

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:45 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 16 Nov 2022 01:28:28 GMT
Expires: Thu, 05 Jan 2023 21:56:45 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17

116.202.117.165

200 OK

4.9 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (29253), with no line terminators
Size
4.9 kB (4904 bytes)
Hash
81bc37890f6630341f48e7d995afa362
15e86394c3e2d77fbf9a1f24924db633e688e17b
2429ccfca73aee772156d9cbfb5128c9bb124e92d134f7586ca510ea1900c2f9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.0.17 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0

116.202.117.165

200 OK

815 B

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2630), with no line terminators
Size
815 B (815 bytes)
Hash
b5232ad2af14898800c8f5109c15b526
1865c0f3df3d48f0ec2ca9acbc3c8ed3a9d6a70e
dfb458381d56ddad9b6d8f376146fd8e208d5d6f988857d2ec6564d7a0206d87

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0

116.202.117.165

200 OK

7.0 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (30429)
Size
7.0 kB (7016 bytes)
Hash
535f43d0d7222eddfc56e57911a110a1
510a593f2ca41320c9ddf6a7fc79b38f4254169d
2f927aa6603e0e057b7598a7e4426b78e2256e369a29f68b15f96a7e455661e2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:41 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/css/classic-themes.min.css?ver=1

116.202.117.165

200 OK

217 B

URL HTTP/1.1
swst.pk/wp-includes/css/classic-themes.min.css?ver=1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
Last-Modified: Tue, 25 Oct 2022 13:45:16 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

swst.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15

116.202.117.165

200 OK

13 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
13 kB (12758 bytes)
Hash
0772c7a51019bfc117208874b3d4007f
9b1a368c890b1834d0bbc5e739639addaeee750e
8e41787b96ed4cc4174b7df7a4f58c00b279bd3cf6a6a3b6cfc883d8fc36163f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5

116.202.117.165

200 OK

9.0 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (62497), with no line terminators
Size
9.0 kB (8979 bytes)
Hash
90478b4133e72b2052f725a974854d52
53f46f616014a8f12705a9ba6864ff0b0b983064
9760288ad53bd57c00faeb66734367f085a468cb4603e2990be14bef7698ea85

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4

116.202.117.165

200 OK

323 B

URL HTTP/1.1
swst.pk/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
323 B (323 bytes)
Hash
b24c24b7da3ffeed6ae8ade102a4d317
c4445b3977ce704b927508108e100213eea67a3c
5421ad49b70f379553eaceec744d753e74d4b065966c08aa7c7dd949553ca9a8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.5.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:48 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1

116.202.117.165

200 OK

3.5 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (16591)
Size
3.5 kB (3487 bytes)
Hash
a636bf9c541bd5fe4d42fdbc3e12962e
089722e93afdad497524ee2bbe7ae3bc46540d5b
ba39483319a134071c47bc0f669efa1317b2ea1529e44d4fedc8a938d5f8f67e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:32 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13

116.202.117.165

200 OK

2.6 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (10019)
Size
2.6 kB (2631 bytes)
Hash
c42d43078a3ff558042b6ec80c66a086
fd8951772644a8b4c30111eb74f33fff40d4e095
050daa68d90726ceafd44b1eb12565fea6845bb17cce63464effd28199a0df61

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:32 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13

116.202.117.165

200 OK

539 B

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3815)
Size
539 B (539 bytes)
Hash
39d7f6d797721025aa1fba29a86e0503
5b4b108c0f954583940adb1da9c1a908b178adfd
13fcc7a727db90e299059abc4f3bd0d1b2a50de54e4652ca0bf9a7f5887f541a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/uploads/elementor/css/post-5196.css?ver=1605268344

116.202.117.165

200 OK

383 B

URL HTTP/1.1
swst.pk/wp-content/uploads/elementor/css/post-5196.css?ver=1605268344
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1079), with no line terminators
Size
383 B (383 bytes)
Hash
0abe83c6a456f5a27926f33169456626
31be000f2137cfbfdf21c1608d0bb09c4a48542b
2889c266753abc2914a4183eea0eb955874593adff32c21b83e0419cd5bce6d1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5196.css?ver=1605268344 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:52:24 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13

116.202.117.165

200 OK

16 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65496)
Size
16 kB (16249 bytes)
Hash
01bd40f4612abd5e23a7342702a249e9
c44b891977aa5284dd6c906b52432051f2b6bbb6
3e858aa8696d51ca544b1043a568a9b5c53dee5ff60e2d15255e854336aba643

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.0.13 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1

116.202.117.165

200 OK

320 B

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (719), with no line terminators
Size
320 B (320 bytes)
Hash
2f3096ad27c72c366ea88e7b4cd5db16
d15daf472ad88926e1f88951b0bfe9487bf84709
dc8e5555288852d1b250fde3068e28d937d93d9b28725d7ce5013cd4a4bb3b26

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/widgetarea-editor.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/uploads/elementor/css/global.css?ver=1605268346

116.202.117.165

200 OK

8.0 kB

URL HTTP/1.1
swst.pk/wp-content/uploads/elementor/css/global.css?ver=1605268346
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (35345)
Size
8.0 kB (8008 bytes)
Hash
43079c2f304d977badeb8ee6a628dddd
ec32a254cda2d44d9504fcf074fb7abcffa4a004
b7dcae09af1bc859bf12ea18317627f1c1c1ce3b2ab7525e721fab2e191862c1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1605268346 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:52:26 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1

116.202.117.165

200 OK

1.9 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (9152), with no line terminators
Size
1.9 kB (1936 bytes)
Hash
aad27d49f86182432343908c6931f8fd
931283ac10e192740aadf8cd7834fcdba017f1e7
f516baf214b445575d3a6c1e8fac09675dd386c747af264c0fc2ff572215c8a2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0

116.202.117.165

200 OK

8.5 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
8.5 kB (8510 bytes)
Hash
2f4ee04b3774422333bf7d9141c2be7c
151d2b8f31cb0617ba5496ee2fc40add0fd3899e
603908cd933b396d27341de6a8e5247e3a150793a82f6ff5ad7f010c0733297f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1

116.202.117.165

200 OK

1.2 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.2 kB (1232 bytes)
Hash
7d9f45b74e5e680178073b3d6839bba2
fb52d0a47e1655c4d381f30b25667aeecee6c638
e0b02e3f5c12338601024e482383dc149a8e8e3682aa7980b847ef1cda3d0a6b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3

116.202.117.165

200 OK

24 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65492)
Size
24 kB (23814 bytes)
Hash
5f2028d46cf492c7685ea1bef585e152
4fb2b529582828a0ce50a8fbbdacda02f40c3665
02039614932eb27e537cc51a3d9ba8aa7ff02b29589f1f66b1e2bc0a6013bef2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=2.10.3 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:11:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7

116.202.117.165

200 OK

4.4 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (18899), with CRLF line terminators
Size
4.4 kB (4363 bytes)
Hash
51d18af186051926f3a5eb5170e2a439
54786fb9065a311ee499a7a680c5dd08e78497c3
e010aae994148e2c2b085686a922bdfad59a204f9880cb0efbb4b3b5f8133694

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0

116.202.117.165

200 OK

8.3 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (50638), with CRLF line terminators
Size
8.3 kB (8286 bytes)
Hash
70c7b46ffb54f4c1b1392dbe644c874c
805a92d8b93c889b6bfdca65afafed0933b1a503
ac954926c2eaaa0607088cd57e9f292555bdf96d77b85860eb751607b8c16fcb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/css/ionicons.min.css?ver=2.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0

116.202.117.165

200 OK

4.0 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (21391), with no line terminators
Size
4.0 kB (3999 bytes)
Hash
ab07225d1684743fd49d68c46b94e496
b2d88613bcf4748944500bd9f2628d269cbe582c
3d74e7ded6208dde8d39a99a45c68e10c2a0cf0db46a8284258e17a7a4f7f2e1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0

116.202.117.165

200 OK

7.1 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (30837)
Size
7.1 kB (7101 bytes)
Hash
fbf6bad5215fa073a01630bd9e7343d8
fae9ee44d246bb7cfcc59ae22b1205eb594fafeb
91c2faf1819676a2c2cd09118e0ac817716c2bcd9c70a42ffcc9337381c7e467

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:47:36 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 2868
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

swst.pk/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0

116.202.117.165

200 OK

369 B

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
369 B (369 bytes)
Hash
a680dfa71d4cd5f64cde4ea733eacb40
794e9eb0ee75e119ab9251d7563de1e071ce831e
6580d6604055a2d7ba7edbcb7a187d0d45db416632383e975c2e4be4d7ca8095

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:01 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128

116.202.117.165

200 OK

690 B

URL HTTP/1.1
swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
690 B (690 bytes)
Hash
98b2680ed1022c042d5e8841b77a258a
650acfb93c6c738a6668ec1c58f25df69c93dd9c
1d0e551788fc80573d9f0b58050112046be7fa3dbffd9dd353ef258ef36feceb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0

116.202.117.165

200 OK

13 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (64512), with no line terminators
Size
13 kB (12765 bytes)
Hash
1a3d82192f66d1d631ee1f90b2df6085
6e493f86923f6fc57a9086154f163d0e3d9f1b27
a7a2cf1afb4a63e1e7b4797e63f0e88ea968481ed5b437e22ce720c4c4580e98

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/modules/controls/assets/css/ekiticons.css?ver=5.9.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1

116.202.117.165

200 OK

3.0 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (27540), with no line terminators
Size
3.0 kB (2967 bytes)
Hash
694324dca1b449657522841da4e2e111
5f5cc6df6d744f013ebc5160ae4acb252d5bdcbc
1cbb35f0416f20626d6b038e7db3ce7cbf50f2c8e8008018cf2aae125efde0e8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1

116.202.117.165

200 OK

25 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25129 bytes)
Hash
53c83680182f83195cd09eb7265bf0c4
5a0ed0deafa747f501456bbd330c0b3badf4c60d
594a76f4d7d8e639bec8c237bee0fd56278f783743928bbb16209529f424df18

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles-pro.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

116.202.117.165

200 OK

5.3 kB

URL HTTP/1.1
swst.pk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (11126)
Size
5.3 kB (5335 bytes)
Hash
b20806c6cf41eac93384afa0800ab43d
787183a143b065209dee3e1336e96950c4c93a3d
c0ca3ffd8d3010714794071c2aee77b55173d6bd6f07bbeb109f8b0d9762dcb4

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/style.css?ver=20200406

116.202.117.165

200 OK

97 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/style.css?ver=20200406
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
97 kB (97321 bytes)
Hash
49655ad6af0d0dd221a6f60c5293eaa9
caf17f8144106d283822190aad63dea464e3a676
18630b7e37fe6ee628212de06c2cfae0bd00a25f2a9d1ac5e53bb70ca1359860

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/style.css?ver=20200406 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Jun 2020 09:57:20 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1

116.202.117.165

200 OK

50 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size
50 kB (50356 bytes)
Hash
d26e3494476c5c5a91fcb9e90f8a8ca8
3af2442c4144671db0f4d42a917ec74822a1d463
6d6c488e852f091cce0c3fed17cffad652b27a73a7dc91876487b4ec8d7ad6d5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2

116.202.117.165

200 OK

3.8 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (10045), with CRLF line terminators
Size
3.8 kB (3817 bytes)
Hash
180ee9acc082f335d797aed6009f7a8b
3b91d68d3c22e088c50da0dd993fb359c155a626
2e6333b3aa125046b06ca86ec818e1138d589b50235a483c68ae6d915be7e446

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/waypoints.min.js?ver=2.0.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

116.202.117.165

200 OK

32 kB

URL HTTP/1.1
swst.pk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65447)
Size
32 kB (32400 bytes)
Hash
ff0d7f07ef76a392400312902cd42aa9
7e5e63646a65555f96034f660d0d6c768f90a27b
f3fac241275ef66b16a5869ea26dd16fb3e2288db206b5794359271fa8e71b5b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 14:16:24 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0

116.202.117.165

200 OK

1.0 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2967), with no line terminators
Size
1.0 kB (1034 bytes)
Hash
e37c5e8790c5699d7026a423d6e77395
604744989f1400965501a317eb4cb3ae8895a653
54d1d7ecfe6c87652156de743ea7cb9d69d37a30bfbff4438af80c35e96bf9dd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/vendors-style.css?ver=3.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:10 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15

116.202.117.165

200 OK

47 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (41022), with CRLF line terminators
Size
47 kB (46561 bytes)
Hash
5c2216b29b8de01de37eceb584937cf5
95dc5735e73c01369b4ed9ce2e9f042b13bfc5fa
c158ea00df978d9bf819e6d75f533ebe436ce7102f0fadce151320a0cf8b7105

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2

116.202.117.165

200 OK

731 B

URL HTTP/1.1
swst.pk/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
731 B (731 bytes)
Hash
b247669db7403333299fe4363a8449d0
0eb9ab9df4925f4fba4aa7e495e1d7665d262c22
5f1d64d1e426cacf5ee0cbf2468a990076aacfb92c7fcf4a7c9f42c9398274bd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:43 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0

116.202.117.165

200 OK

18 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
18 kB (17896 bytes)
Hash
4a99d04e7bc06b526d17100882e55542
c36242e5baf8a371bb8a7b04ac8c8420801665de
4082965d759b9a9487d3c50b7c4bb304814b8e75fbf550f01722004a3e4a9247

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/style.css?ver=3.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:09 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15

116.202.117.165

200 OK

84 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (56675)
Size
84 kB (84478 bytes)
Hash
33c675e2cacfe810f81b1b953f8a373c
292ae2cd331fde4e2e7d0351eaf5d67a25acc48e
00ee237eeba337dd03e8147151116b8f71f7d93ed99d34f1e7c0112c19741bd7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0

116.202.117.165

200 OK

5.2 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (17895)
Size
5.2 kB (5209 bytes)
Hash
4b2c125af94e1865f6827c13b3f4bb06
5189f96d11caba2c452889bbf4c4a77fc3ad4809
b2db2d946338598877a5fe97c1e1b2503389bd20155f2d960484a44dedd7136c

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:42 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17

116.202.117.165

200 OK

7.8 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (25938), with no line terminators
Size
7.8 kB (7759 bytes)
Hash
46e6bbc5a50494f1016a4799bcb773f5
65a76eb3cf2ec5f09a99125c041f4bc470b3140f
4a9176502c66e9e44d785dd532f515e17e98ee3f3c27094fbd52cc8288aa8f10

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.js?ver=3.0.17 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:42 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2

116.202.117.165

200 OK

5.2 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2237)
Size
5.2 kB (5189 bytes)
Hash
ffd6ec6cb9a44a98edc8cc0e52f7f584
4ab20e8e7607f000bc9b38fa98cc3b3241d1983c
0afb214c244dc22b87e497bb7efc223a9c0435f143bc87c064e60813b617dbdb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:33:43 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70

116.202.117.165

200 OK

4.7 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (11409)
Size
4.7 kB (4693 bytes)
Hash
28931529b9842cb5de2768b7d7a2585a
c6b0e3899c054b909e9898b4164874401942a13c
410b90d38291f0c208b22f14eb8f37e71f43332160a96883d8dd88eeb8e8d975

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4

116.202.117.165

200 OK

2.1 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3917)
Size
2.1 kB (2130 bytes)
Hash
49d3236ff88deb75369e1473ba2ac254
453dd1b359273b7b29c01a1de44fe92be9c26d18
30431493a0603c9700ebb87069036de0f3c43d0c67f8bec2f6aa367bdab2602a

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5

116.202.117.165

200 OK

2.2 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (5275), with no line terminators
Size
2.2 kB (2249 bytes)
Hash
59adebbb456c68c4b60769ce1fc5fedb
3ad10ef54752d395b6e07a571a7a7b3a2696c214
5da8d3a4228bd4d46eaab32c5a321a1d86a12e66d2afe0aa92729e7917eeea51

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3

116.202.117.165

200 OK

2.5 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6765), with no line terminators
Size
2.5 kB (2498 bytes)
Hash
4e542f9e277c14049c79312f00ef83a9
1af142c109d1c2739c6649729b6c2b3c88d8869f
eda6d3f511939cb834177fb27bf197f0d3909681cf0666e697217247b20b6629

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.4.3 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5

116.202.117.165

200 OK

2.0 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4284), with no line terminators
Size
2.0 kB (1961 bytes)
Hash
d22cf01b3512b7c5474b030977e5c6f8
123f0eda0390679958453cb74331448b6fc70c99
089f6400f733fc7d621444143e06db85665027eb4547ae275ae04af7dcd585d7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5

116.202.117.165

200 OK

2.2 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5176), with no line terminators
Size
2.2 kB (2205 bytes)
Hash
4cefcc2929b96895998537f5bf1dd5b7
a88e01dcc738a3eb1a37f147585775abb610c99c
5c65ac0eb127246e6c7647252fdae7d9871dda6bfda2bec7e015cfebaae6281e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21

116.202.117.165

200 OK

5.9 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (14064)
Size
5.9 kB (5896 bytes)
Hash
b5156338d2255a45340697e5d805987c
bdef7906fa8a51ff0262c7599bd781e97c272f4f
229eece0b7ee37d0c1701fc794d0ae54e725c141769b77f2f5ab3f13eac98f5f

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 07 Jan 2021 05:34:34 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6

116.202.117.165

200 OK

7.1 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (23829), with no line terminators
Size
7.1 kB (7058 bytes)
Hash
af32b5d801333e79b7a1712ac9c7fc9a
5760af3f26ccf1540b1df12e6037acd14ebe8a1f
19141cda875a772c1690726b5e14c7f13a4791348c3367973f75be41e6d5e353

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1

116.202.117.165

200 OK

1.9 kB

URL HTTP/1.1
swst.pk/wp-includes/js/wp-util.min.js?ver=6.1.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3628)
Size
1.9 kB (1919 bytes)
Hash
3608aa0fca0839bc80bb309ea80e1af7
fdd07576d8a4d8970bfaf977b30fce70895526c6
623dc4805d4629c86f1064b2f95c7bad2d94ed35e279fb28a50782d183e37e50

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 20 Sep 2022 03:52:10 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4

116.202.117.165

200 OK

8.5 kB

URL HTTP/1.1
swst.pk/wp-includes/js/underscore.min.js?ver=1.13.4
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (21035)
Size
8.5 kB (8514 bytes)
Hash
dd44d3e70872b78b98a158bd3d15f82d
0198d8cba351c8520a4b0cd05c9affc76723a89e
f16d67630e8c4894e3cfc0fa8e74fce16edfd8864b2e92408043dfefdf0c65bb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 27 Sep 2022 15:18:25 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5

116.202.117.165

200 OK

4.8 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (15833), with no line terminators
Size
4.8 kB (4835 bytes)
Hash
d7e395ef6b94a5593684211ae49bfa9a
401325791b0a24b5c9c51c33517ce4db24c21d11
2f299f79c1d88f9f649ab9adb416e2e1c72b6a19883c8a60f03ae93265750dd7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

116.202.117.165

200 OK

8.3 kB

URL HTTP/1.1
swst.pk/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (10426)
Size
8.3 kB (8303 bytes)
Hash
daa8e634af0617edc95bb87c2f0d3987
c87d19defdaf46a9ee5aa91204132d10318c44df
9f330f13dc1d55da09cfd0393da10c71aaa7ba82e03f0e51c9b106bf3d760d72

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 23 Sep 2022 19:55:30 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2

116.202.117.165

200 OK

3.4 kB

URL HTTP/1.1
swst.pk/wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (8241)
Size
3.4 kB (3351 bytes)
Hash
d970bbe33d3364bd5fef93a03be2b4b9
1a9c196944863cfbd1a34903043ea1118aa456ce
1b8306e7fe7f351a906985dbc841791b6c87fe3d9567a8a42ed5d3e693115693

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/ui/tooltip.min.js?ver=1.13.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 19 Sep 2022 18:04:09 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0

116.202.117.165

200 OK

2.5 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (2237), with CRLF line terminators
Size
2.5 kB (2486 bytes)
Hash
24f840a91bfec70fbe2c49f9cf0c78ea
02e11da6f4f84c4e4cdd4eca973710a732c566ea
24e3b28e6c82c52ce27b1468159f3a37fdf2357d817d751027d7d452754a43cb

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.fitvids.js?ver=1.1.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7

116.202.117.165

200 OK

2.5 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5546), with CRLF line terminators
Size
2.5 kB (2451 bytes)
Hash
429f6e8f84b94fbf50c944875c068846
a358fca7f60bae3c3bb5bf5a3e3edb1fe3a7d3c6
0478289ad9d6c34f71ce56757ea1f84ffc7672c9ff9aa5c5117231091abc3b48

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.lazyload.min.js?ver=1.9.7 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0

116.202.117.165

200 OK

2.3 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4427), with CRLF line terminators
Size
2.3 kB (2312 bytes)
Hash
6bd1826474710229455382e2896881d5
e69fc321dc78c75b56df2745d1401e49fd237fac
70063fc1a572d2e148273a1c1eeef8c19d4d479c5f5d39a3f155666aa57c2314

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/isInViewport.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0

116.202.117.165

200 OK

1.7 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2248), with CRLF line terminators
Size
1.7 kB (1704 bytes)
Hash
c0b5b9c082e314e6ae4fb7089d6974df
4a0cf119d573af21a1a365f23ff5f2d44782ca44
299538d876ed139674ff87bd628f156dfefd47dbf9078d223c4085fa53ad1460

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.coundown.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 02 Nov 2018 11:22:22 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0

116.202.117.165

200 OK

2.1 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2237), with CRLF line terminators
Size
2.1 kB (2101 bytes)
Hash
3b1466903df5c94da3cbae7a82b0b2c7
15094a838e176ed9177f06e0dee38f60ea365401
7c8b0a1678dea142b2586baaf604043591cd149874c7f1bbd8b5d0d37a995ba3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.counterup.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0

116.202.117.165

200 OK

1.6 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2248), with CRLF line terminators
Size
1.6 kB (1613 bytes)
Hash
e08c13b417d52d29dfaa2755ebfa3fac
56b382056e4c68a7183b9dd473c04b5b808e4485
b71a8dbf8a4fc5f614bd343d2b216d3ca4e18b2783cedf4d159adb965bf45994

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.tabs.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 12 Jun 2020 11:53:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8

116.202.117.165

200 OK

2.9 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6580), with no line terminators
Size
2.9 kB (2878 bytes)
Hash
259465341899ecd5e323a32879d22dc7
7ad046204c816d770d3b8ca6f3cbd935f001a7b0
a8c4f011bada70c14a77b60008278312e787164dd042c0bdfbf688fb6e849952

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/jquery.slimscroll.js?ver=1.3.8 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 20 May 2019 09:17:44 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0

116.202.117.165

200 OK

4.8 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2237), with CRLF line terminators
Size
4.8 kB (4839 bytes)
Hash
9d7e7f1fbf200ee92414e64856ddfb40
f93ba71575b6d24bb2ec725a42f28ab18ba4f008
a7811f4aa3b4159e1ab2d9df25c627aabba4ebd82395ed5131ae00bf7bc602fd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/nprogress.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0

116.202.117.165

200 OK

8.6 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (16017), with no line terminators
Size
8.6 kB (8628 bytes)
Hash
10bdb65620db437be3438c16a56c09d8
062809f44a990e783a3cf62b1e4c1fae97c6da85
aefd3b1b6f7b324a3fe783daa2c7c5b339e8ee5f5286b95cbb3d1bb548be1ca9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/notify.min.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 01 Apr 2019 11:22:06 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0

116.202.117.165

200 OK

12 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (32076), with CRLF line terminators
Size
12 kB (11514 bytes)
Hash
4186e944555f3e73f1df530de58913ef
6ebc3bbff73189863e93709c7d74916386240411
f5367bbdbafb4073825bd5eaec8c05d72c3de54a1d7174c6803b502120d4bf87

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/plugins/slick.min.js?ver=1.6.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406

116.202.117.165

200 OK

14 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/js/scripts.min.js?ver=20200406
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (56762), with no line terminators
Size
14 kB (13508 bytes)
Hash
2bdda99b68ccc5e49cc171537a6a8071
a94630e6201688cb032cb3ef7a37471354ef640d
4cd16f81ef784076b6aed006511c547c9a82d9213df10db96ac87ba7420ff792

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/js/scripts.min.js?ver=20200406 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 15 Jun 2020 09:56:56 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0

116.202.117.165

200 OK

1.7 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2241), with CRLF line terminators
Size
1.7 kB (1658 bytes)
Hash
e0c984c1b0ab7c5aa86aeef43b20fc11
4c3ce1d0beec6c67f3651ceff1ff247895e1c8b0
3cb7fa02dac2d96f3a8b77892f5b0b9b59992f2dffea42c563e0849ada3e339b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:01 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1

116.202.117.165

200 OK

1.3 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2262)
Size
1.3 kB (1265 bytes)
Hash
54cbcc60b107257f3f134db3e180d29c
264f495ba3cf0897baf0d30eb0bb273421d27c00
9af563c5e661d8fc5aa22912429a8411b3fee7f2edca966485f12ac15321091e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:40:57 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1

116.202.117.165

200 OK

3.9 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6806)
Size
3.9 kB (3927 bytes)
Hash
e7bc76527b4b4be33221fc237ba724b0
b0c95ffc815fa726b70dfc0de8ed9d79985c8bb1
45e5376e00e6f67c4116d93570badc2879197b77dc699f4fbc12de22f99bcf63

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.min.js?ver=4.8.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Sep 2020 14:33:45 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 873
Cache-Control: max-age=127477
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:21:23 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471

swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21

116.202.117.165

200 OK

2.4 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4831)
Size
2.4 kB (2354 bytes)
Hash
e581065d2dadb3d4a870396385876ad7
a2cecc3290c13df268a10f49b0fce0c1567b40fd
62b10e33df2426a52c283b6bc4ccd7ce434a1762e9b134c21e421e3955f35ce7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:03 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2

116.202.117.165

200 OK

7.8 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (25097), with no line terminators
Size
7.8 kB (7801 bytes)
Hash
c59ab7b5325ca4dc560222be7d8a6171
db4e4780d3fecf2e3b0521a0e39cf286e8816ab1
f8cf872425ff723b00336b051ae143bc641e2861e72d01b5e4d1cce21b3b33c2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5

116.202.117.165

200 OK

3.1 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (8584), with no line terminators
Size
3.1 kB (3076 bytes)
Hash
1cc3e7a4561af0d00fbb4011d4d4ef7b
049f2216b8faebe072833eff52036b71f0658720
abf2f92243575513306f4c84e2d353f3b2fba65cd0b4882f037fd64cfbd8bc04

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=4.5.5 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 11 Mar 2022 01:28:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=UA-180634366-1

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-180634366-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43634 bytes)
Hash
fd4f030ec02159f8fb2d1a9923b4c7a4
7e2107068e98d3e38bbe4e63289fbd3537b5bbc5
aeb064930ae42245fac0895dde23f541dddee0304e3c4322cb56d7dd180ad80b

HTTP Headers

GET /gtag/js?id=UA-180634366-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 21:56:46 GMT
expires: Tue, 06 Dec 2022 21:56:46 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1

116.202.117.165

200 OK

40 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (40447 bytes)
Hash
125fc1eea5dc01e62eb58800c99839ae
309376be229b5a541e799e1277b043503d8318c5
199baa762baef1e0ba93d76499f4819789dccf39887de1126ab146313fa7cefe

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.0.9.1 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 13 Nov 2020 11:41:02 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127

116.202.117.165

200 OK

2.4 kB

URL HTTP/1.1
swst.pk/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2250), with CRLF line terminators
Size
2.4 kB (2376 bytes)
Hash
268cab67a70d9408d642687246adf0e2
53a5a0c42dc6dfd9ec94867646e246e0041351b3
cf9ad5b099f0078fab200241bfaf787ce66fd506103df07889251d8687431bd7

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 09 Aug 2020 08:31:00 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3ba864a4daffd79d4639e98e35cf5a8f
4e2dfdbff3ce773c1c39031bdf854e2b0a31131c
73a684466e34cc6ab4250dbab0c6afb73a92c4239e37076020b9e1c446b69b7e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff

116.202.117.165

200 OK

23 kB

URL HTTP/1.1
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 22964, version 1.1\012- data
Size
23 kB (22964 bytes)
Hash
a2e6d71a4a7082029a062cd82d214011
e7c8fcd96128c47c376c9192e679693a1547c2ee
ad209b4b6cc3615d34001da3fd1de3d4b5a421203514f2fa6a98ea1bff6abe4b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 22964
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff

116.202.117.165

200 OK

24 kB

URL HTTP/1.1
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 23808, version 1.1\012- data
Size
24 kB (23808 bytes)
Hash
1fa436680c42d6bd29b2d6e654ee2239
2e42440706e225cc019c7aba0fe995f57c39fb1e
832873b163018ac574cead07ad681fa86ef9d0d9ec146351c1061c92e1261bdd

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K67QBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 23808
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff

116.202.117.165

200 OK

24 kB

URL HTTP/1.1
swst.pk/wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 23956, version 1.1\012- data
Size
24 kB (23956 bytes)
Hash
e25084cb1d1bf79f37ffaa8224ee501a
e7293f8746e5093404d2a18fbf90d16604163104
65be5347bdd9751d68645b82167e4e76eb54e1aacfd4a7506e0403d53accceed

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/fonts/work-sans/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K5fQBi8JoI3ZKyHqQg.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 23956
Connection: keep-alive
Last-Modified: Fri, 26 Aug 2022 19:02:58 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

swst.pk/wp-content/themes/martfury/fonts/ElegantIcons.woff

116.202.117.165

200 OK

64 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/fonts/ElegantIcons.woff
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, CFF, length 63664, version 1.0\012- data
Size
64 kB (63664 bytes)
Hash
fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/fonts/ElegantIcons.woff HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/wp-content/themes/martfury/css/eleganticons.min.css?ver=1.0.0

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 63664
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f15dd69f37711a6c578b1bc9d4e741d3
37b5eb7c7aaf58e9753735db959a4e5257e6d6c8
f0fe6b34a83e271cf596b31b153e23cef94f86629975bbac4232d6c19cfa063c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F0FE6B34A83E271CF596B31B153E23CEF94F86629975BBAC4232D6C19CFA063C"
Last-Modified: Tue, 06 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21589
Expires: Wed, 07 Dec 2022 03:56:35 GMT
Date: Tue, 06 Dec 2022 21:56:46 GMT
Connection: keep-alive

push.services.mozilla.com/

54.191.251.76

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.191.251.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sQb8H/tQ3/2hl/CsebvwqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YkHHrQNNgpuivLndIXES/VDvPRo=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14080
Expires: Wed, 07 Dec 2022 01:51:27 GMT
Date: Tue, 06 Dec 2022 21:56:47 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
13 kB (12767 bytes)
Hash
fe73cbe4ac50f4a880edf0d831f70f02
02f836b69c4f55d827e295a4fe5e51b85e30d51a
e11ece371f9d1f0bb3f40bc311e90b88af98cd25b6568c2573abab017d271637

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:23:09 GMT
age: 84818
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10594 bytes)
Hash
7e1b54923ba506fde6b21c5bfb51ccc8
366aa3ab0790c496ea51bc08d1f2ff3358530d9e
a993ca6dc9a1f854f4542f9221e4f90060825ea863974b5163a9d3e284dc4663

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70fb9d31-10e5-4323-9fbd-ed451a00e6b1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10594
x-amzn-requestid: eee9f193-eef5-44bf-997a-877fa206749e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSyIHpGoAMF1fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64da-0a9190f7698dbf2f73bb1575;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f-KQCOuDl461V8MBPsSOj1ILCU91Q0pCSENaldkMHR2oZdrEUnHeaA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:03:16 GMT
age: 86011
etag: "366aa3ab0790c496ea51bc08d1f2ff3358530d9e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

swst.pk/wp-content/uploads/2021/06/Final-02-e1624137226362.png

116.202.117.165

200 OK

125 kB

URL HTTP/2
swst.pk/wp-content/uploads/2021/06/Final-02-e1624137226362.png
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 2380 x 2360, 8-bit/color RGBA, non-interlaced\012- data
Size
125 kB (125334 bytes)
Hash
fadd70326ebde92969a87cddb7dc5f41
4e8b5d64be7cbac61c326b458eff9262169214c7
05d3f7384b202e1d7246abe2132db5efeda496ba19f2eb78b10ecb918d3157c9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2021/06/Final-02-e1624137226362.png HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:46 GMT
content-type: image/png
content-length: 125334
last-modified: Sat, 19 Jun 2021 21:13:47 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:46 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11352 bytes)
Hash
7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aYf5d6wAJlPSXVwF5uQXUb1g_65z-v6tInk7IF64bBV-w31d3MKeIQ==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:23 GMT
age: 84864
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5995 bytes)
Hash
3801236dc22938e1cc18947e90ea5326
5979d7dc3ba0eb61947282a4adeac8208b4148ae
3bd4eab29590ec3c316597abd2be65281cd9a6137add037ad57c093f1fca12e2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6aff31b2-ef3e-4782-ae28-38f9aee8b1b7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5995
x-amzn-requestid: 25b34277-c486-4642-aea7-21e0598babc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzOGGjoAMF4kw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e1-6f43ab8e0c1a5260327bce11;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cO5j7BIPh3GSOUqKDYYY2qmG6__Hn2XB9lFhhYT_WpOXya-9TTGtgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:24 GMT
age: 84863
etag: "5979d7dc3ba0eb61947282a4adeac8208b4148ae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11175 bytes)
Hash
38b97436af942d5eb1111ca7043259a0
0234fe32c84c4711f0619714f3ac6d3db1b717d3
a76a7721355abbaecd5c8cb5218e7e4626dc345eb26e7541c71bf4ceaa7ae5d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d735c66-8946-4145-a67f-e17dd48087bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11175
x-amzn-requestid: 9c93ddca-1247-44af-a364-e617f69ace26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzYEnEoAMFa2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e2-7d38ea383725901524bc2ca0;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jqWuNfsDgPOsqxlX2HGJdhXm9GnGC-TBafSbSCrztICFgEwcyqc_iA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:22:22 GMT
age: 84865
etag: "0234fe32c84c4711f0619714f3ac6d3db1b717d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

swst.pk/wp-content/themes/martfury/images/bg-404.jpg

116.202.117.165

200 OK

8.7 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/images/bg-404.jpg
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8660 bytes)
Hash
fddffc8edfa3ca668c8ac740d34f46c5
63483fc211cfb2808c7f37940a4065b4f4177c59
3c736f085f8f25d68c3dd946d5a546dc6d1f5f6e94a0da17b7fd4662d61a0b50

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/images/bg-404.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: image/jpeg
Content-Length: 62911
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

swst.pk/?wc-ajax=get_refreshed_fragments

116.202.117.165

200 OK

479 B

URL HTTP/1.1
swst.pk/?wc-ajax=get_refreshed_fragments
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
JSON data\012- HTML document, ASCII text, with very long lines (1115), with no line terminators
Size
479 B (479 bytes)
Hash
f57c5e5171bb70deffc6c67f447afde2
f44871ebae43ab42279eb35aa7774524452d39be
5c3866a88257b46ac69e421e2e1202d6514125b6dbeedde7b51da2a4cf840976

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://swst.pk
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:47 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Server-Powered-By: Engintron
Content-Encoding: gzip

swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg

116.202.117.165

200 OK

10 kB

URL HTTP/2
swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Size
10 kB (10046 bytes)
Hash
bf735c447cffde0effd1fe3a1920781b
c37fe7a0d149907c6f07c1337ff66a46bd399c8c
84b462c662e596454ba7a3a31916dca39f2f93958d15dbca84a31a751d5ddaa8

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/cropped-2-color-background-192x192.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:47 GMT
content-type: image/jpeg
content-length: 10046
last-modified: Sat, 17 Oct 2020 22:16:21 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:47 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: STALE
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg

116.202.117.165

200 OK

4.0 kB

URL HTTP/2
swst.pk/wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 32x32, components 3\012- data
Size
4.0 kB (3992 bytes)
Hash
222e56f1590cc392cf370b33541e195d
63e472c7869242114c7865bd20a2af6275a049fb
9084ef99332e469e9c1965f96b7044cd9cafbb841b7df9123f2bb15f4509303e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/cropped-2-color-background-32x32.jpg HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 21:56:47 GMT
content-type: image/jpeg
content-length: 3992
last-modified: Sat, 17 Oct 2020 22:16:21 GMT
alt-svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
expires: Sat, 04 Feb 2023 21:56:47 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: MISS
x-server-powered-by: Engintron
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.14

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 20:46:55 GMT
expires: Tue, 06 Dec 2022 22:46:55 GMT
cache-control: public, max-age=7200
age: 4192
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068

142.250.74.14

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068
IP
142.250.74.14:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=767717805&t=pageview&_s=1&dl=http%3A%2F%2Fswst.pk%2Fvup%2F%3FQBOT.zip&ul=en-us&de=UTF-8&dt=Page%20Not%20Found%20%7C%20Smartways%20Security%20%26%20Technologies&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=345574119&gjid=424483545&cid=1951544310.1670363807&tid=UA-180634366-1&_gid=824117721.1670363807&_r=1&gtm=2oubu0&z=360943068 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://swst.pk
Connection: keep-alive
Referer: http://swst.pk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: http://swst.pk
date: Tue, 06 Dec 2022 21:56:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

swst.pk/wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa

116.202.117.165

200 OK

453 kB

URL HTTP/1.1
swst.pk/wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format, TrueType, length 452632, version 2.0\012- data
Size
453 kB (452632 bytes)
Hash
e21aa688dd6a3491257d2576009073b8
33fc6ff96474c728ec9de00d5ad1b798aec5b0ec
f321ac856aecf0735227b9c47710b0cb755af1a35aec4d97212070a121b35df2

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/martfury/fonts/Linearicons.woff?fgpewa HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://swst.pk/wp-content/themes/martfury/css/linearicons.min.css?ver=1.0.0

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: font/woff
Content-Length: 452632
Connection: keep-alive
Last-Modified: Wed, 01 Aug 2018 12:36:28 GMT
Alt-Svc: quic=":8443"; ma=2592000; v="43,46", h3-Q043=":8443"; ma=2592000, h3-Q046=":8443"; ma=2592000, h3-Q050=":8443"; ma=2592000, h3-25=":8443"; ma=2592000, h3-27=":8443"; ma=2592000
Expires: Sat, 04 Feb 2023 21:56:46 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11469 bytes)
Hash
5529617b0748f2d8c82ef99c1ac116a8
a862b74508113ae72b56b9b3de0c75ba559b9032
376a82ae4a5b80f59fb746be79bca569b03a74c345845c7bbf15189964b0bb96

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faeae6973-c3cb-4597-8dcc-f36e4cd35fda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 11469
x-amzn-requestid: f60a3f0d-38f7-4f82-bdd5-9e31814ab1d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuZGAXIAMFwuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-5b4b99e779a0aaa71a311a1c;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SxFdluOKQmnZA8pW576X9B4b3d4MIWehMY_pbAs52EuR8KfQvlWAPA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:38:54 GMT
age: 1079
etag: "a862b74508113ae72b56b9b3de0c75ba559b9032"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4

116.202.117.165

200 OK

0 B

URL HTTP/1.1
swst.pk/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
116.202.117.165:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: swst.pk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://swst.pk/vup/?QBOT.zip

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Dec 2022 21:56:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 13 Jun 2020 18:53:27 GMT
Expires: Thu, 05 Jan 2023 21:56:46 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (58)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP