Report - afribookmarket.com/oesi/index.php?qbot.zip

Report Overview

Submitted URL
afribookmarket.com/oesi/index.php?qbot.zip
IP
63.250.38.5
ASN
#22612 NAMECHEAP-NET
Submitted
2022-11-19 00:52:54
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
428

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-10T14:35:32Z	340 B	963 B	104.18.32.68
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	1.7 kB	4.4 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.8 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	52.38.146.2
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	55 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	420 B	746 B	142.250.74.10
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-10T08:04:05Z	418 B	2.2 kB	104.17.24.14
stats.wp.com	2711	2017-01-30T06:06:59Z	2023-03-10T09:35:36Z	738 B	6.7 kB	192.0.76.3
afribookmarket.com	unknown	2022-10-15T14:52:24Z	2023-02-21T01:51:47Z	37 kB	568 kB	63.250.38.5
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	4.2 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	997 B	97 kB	216.58.207.195
pixel.wp.com	2545	2017-01-30T06:31:40Z	2023-03-10T09:35:37Z	519 B	239 B	192.0.76.3

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	afribookmarket.com/oesi/index.php?qbot.zip	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/css/classic-themes.min.css?ver=1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5	Malware
2022-11-19	medium	afribookmarket.com/oesi/?qbot.zip	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/mas-woocommerce-brands/assets/css/style.css?ver=1.0.6	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/css/bookworm-icons.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/css/fontawesome-all.min.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/css/cubeportfolio.min.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2	Malware
2022-11-19	medium	afribookmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.min.js?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/Flaticon.woff2	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/webfonts/fa-solid-900.woff2	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/style.css?ver=1.0.7	Malware
2022-11-19	medium	afribookmarket.com/?wc-ajax=get_refreshed_fragments	Malware
2022-11-19	medium	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7	Malware

mnemonic secure dns

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed
2022-11-19	medium	afribookmarket.com	Sinkholed

JavaScript (67)

	URL	Size	First Seen	Last Seen
	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7	6.2 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:40 Times Seen7 Hash 56c0ce048bd674278322ace4afb5961d a9e3c376de542ce445db0a1bf15ae570ec2bcf3c 664316308fdfdff2c75ba13de9bba44b9cbeeb20ccc91751045205da1385beb1 Loading...

	afribookmarket.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6	1.1 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:10 Last Seen2024-04-25 09:52:01 Times Seen2468 Hash 27b8b3680cd49b8f105b2bf49da03b1c ad0c8cbc41c7e19ad1d892234f6c4b403df1439c cfb6ea70d464c88b03728fe77f38a7400f7a3b1b5b0eaaae5817844d730e8cbd Loading...

	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2	4.0 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:05 Last Seen2024-04-26 04:19:36 Times Seen3080 Hash 84cdf2af726ea0ad5c67b7ec6479e363 bba43108f022eaa28a7637c1ed7b7cb287d1691d 8a3820962c15d26c4cdc9eff4f8c66ed29f96e353b7893285cb14962d6a6956d Loading...

	afribookmarket.com/oesi/?qbot.zip	1.2 kB	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash 71cce6eeac41993f55e0d3c68f076f0e d8c60fd658df53e6cc627a31a50424ffd47e3367 fee5ac257e5967d470304f1fdf88a456d958bf78568753357d9f4a3804f719dd Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7	15 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:40 Times Seen7 Hash 3b214e3c7c2b3b9b36b1df262613274a e6dbdf13172d62eca94035aa610b76ac5bc46f2e f11cdf06b7e68d9bff0d4ce59262916119f030c5cf295e8919eaf114f983a583 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.scroll-nav.js?ver=1.0.7	8.2 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.scroll-nav.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:39 Times Seen10 Hash ec6e0442f6919ab54e4d15445b2ebe0c 999ffb957abfb01990ad60eb57a52ae531b4f958 7500178acb293f3bc20a948097ab8170889c3be9963a771e0673584d7fe02835 Loading...

	afribookmarket.com/oesi/?qbot.zip	109 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 06:05:17 Times Seen4210 Hash c3041f910d72f3447c03a53d6b8df977 d2959e0ca4bfa2ec8613d1fba8ae2399aebdd123 9b5e9931c5ad5f273f4c6eb5988506ef60471957923124b28aab2f8563e8b7fd Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.quantity-counter.js?ver=1.0.7	1.9 kB	2023-03-07	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.quantity-counter.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:00 Last Seen2024-01-09 18:56:40 Times Seen28 Hash ee6617db24cdd37cb1e2495b5d5e5bcf e184dbc3b626c41137cb4a623493afee520e5c1c f6356a1f076f5dbda385c6c0ec67b797b0acdd948f0f629836bb4d81c18146ee Loading...

	afribookmarket.com/oesi/?qbot.zip	2.2 kB	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash a48d5d0712133e4a65a93773cc2fa507 c89191f2b091b15084e723d9544b1bedc105e24e 8ecf44af2fe5d7a7c574579a3cefae321e6c4073f8f78b9c2d33a51ed9e97187 Loading...

	stats.wp.com/e-202246.js	9.0 kB	2023-03-07	2024-01-05
Pretty URL stats.wp.com/e-202246.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:19 Last Seen2024-01-05 09:08:33 Times Seen3233 Hash 9152c169155daa333287728cb8e4ae93 1e45a9ea1464acf983f022567cb9f669f4c77f65 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302 Loading...

	afribookmarket.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 21:53:57 Times Seen15501 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	afribookmarket.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b	12 kB	2023-03-08	2024-04-18
Pretty URL afribookmarket.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:46:38 Last Seen2024-04-18 12:49:19 Times Seen381 Hash ea0d01a925f98cfa34156dfcc6600f03 b011362ca664891da4629f16845431ac0975c63d 1987ae63250aaf378e4da5e114eeca519f6c46a8d55b27e2d0c7b8b05968e6af Loading...

	afribookmarket.com/oesi/?qbot.zip	753 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash d099acaa42eadac708ee80d34c030d75 4d01e62b828c9c2c25f5264dc122923a39524a2d 4a16a697d9a6f4ec6672b09ecdf59a9b211a97463e21dc307cc4bd07dff148f4 Loading...

	stats.wp.com/s-202246.js	9.4 kB	2023-03-07	2024-03-07
Pretty URL stats.wp.com/s-202246.js IP 192.0.76.3 ASN #2635 AUTOMATTIC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-03-07 00:14:50 Times Seen3354 Hash 82d763decfeb58a330f075ecd1bfbec4 9834c21e75bcf80d52c98bf55641f2bd92e200d3 7faf2fee5a715e1668f517f67a4b21cddd539b978678ce1bfd48a597044079e1 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/js/jquery.cubeportfolio.min.js?ver=1.0.7	82 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/js/jquery.cubeportfolio.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:01:34 Last Seen2024-04-26 05:07:55 Times Seen293 Hash 4e85cb1f43624c125a9b49bd36b4a02a aec563e0422db7505435c31d6b2f139b10e41050 354ee1fc51c2df11fa4621e960a7d226467d17dda88b03452a939689186977a4 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0	3.0 kB	2023-03-08	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-04-26 05:04:06 Times Seen11378 Hash f449e3e4a7c058f7c48f57e05c788fb0 e7b0c58a1a14c14a92e452cc544b312ed91fa52e bfd861dc2936299f52adca1da826c273dced7c77ad4c33d31916ad55ab354e89 Loading...

	afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1	4.6 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-25 03:35:15 Times Seen1240 Hash 25d887c9c8997522cf1184e1171d605c 8f9fc958307ce831e7313d22d996908f578956e2 ccdea9568a2dafdc3b5dfafd7cc65ed784a235fe1a3c2da2e4183a9bb834c136 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0	9.5 kB	2023-03-08	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:31 Last Seen2024-04-26 05:04:06 Times Seen14390 Hash 4ffc462852340d9e6b5b7b29276fcb71 5e04050e09e3f7d8107ef3b9aa9313be618c460e 18336635cd5e9edf2aff3ae18b67250684311c2a459457091b063dafba57d526 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6	21 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-26 00:33:29 Times Seen3349 Hash f3d7b1578081c9cf982cfbc29f514836 fdb6b04b917b9a1c72e3cf2da686c2584d3fd50f c0f874276d38c6d9e43767d76a15de39506461b268a3cbf19fc8218f3ec8631a Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7	46 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:25:19 Last Seen2024-01-09 18:56:40 Times Seen25 Hash da8e6062fc6df06d66405f3894ac0090 225b7aa84e92c96dfe4b0eb32a0435fc1ba8083d 327f498e13e0a8166699d8d770f3806775c2707dd893d18f0139b84b0b9d8576 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:23:30 Times Seen37085122 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	afribookmarket.com/wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3	248 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:40 Times Seen7 Hash 88ec0c7d16a0a7566ffaf553285ca353 e86b8aa8cc459fa89bc3cdd66450839f9d720d50 4a7281ad419878c7b2db9547e732391ab8913976aeff55483eecb10e70a6bae2 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.concat.min.js?ver=1.0.7	40 kB	2023-03-07	2024-01-29
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.concat.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:33:28 Last Seen2024-01-29 20:04:15 Times Seen49 Hash 273eb3e98756c261fba6049f716c056b 1c84588d328b60c75b977fe5f4908ac52862d27e f98e54ed7bf9bda32a9479cde705656b547db35e0d4a4c2a63dd190b44b63567 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7	5.7 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:25:19 Last Seen2024-01-09 18:56:40 Times Seen17 Hash c000e93586fac716b1d0e16210259cfe 2cd09dd8acfeca25259ccd07b3f3d366b2b19a60 05d6df6e22bc84bf7b77ac1e456d90afb2e3dab68160dced03449461fea93c35 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.cubeportfolio.js?ver=1.0.7	5.1 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.cubeportfolio.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:24:09 Last Seen2024-01-09 18:56:40 Times Seen15 Hash f0ab5811061f746ce22ad88bcbcf92ae 189d4fba4df1c297899985fa58830546fe8f4ff8 f1f130c87931bf26fbadf4538928ca61adef0bb666cefbdac7c659bd48cceded Loading...

	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0	1.7 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:46 Last Seen2024-04-25 22:46:21 Times Seen2299 Hash 23b0d9051790b4a386f66ff1836815bc 0dc76a6bcad4bdce1b88ec6e68215733c97fc520 69a15ba379260f131f7dfa2a5414cbdc48db661ac21d696773c7e67259255ca1 Loading...

	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8	174 B	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 13:07:05 Times Seen351 Hash df8d6b24a870f878b16510e5dca1631d 588d0f674156a3208cee87b897af15f40854e484 499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74 Loading...

	afribookmarket.com/oesi/?qbot.zip	192 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash cd99cfdd11c3d792356c6355f5a7db99 8a53ba2c8bd051d056e0a5e666b92d289968fa83 5b89f80af9f51088fcd73d2e086789541948addc9ac4a60310ac40402384d005 Loading...

	afribookmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 05:52:00 Times Seen68654 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7	43 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:34 Last Seen2024-04-26 06:02:10 Times Seen34436 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0	2.1 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 05:04:06 Times Seen22410 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	afribookmarket.com/oesi/?qbot.zip	268 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash 6a666278d986837368c2a089fb9a00aa 72a82586e4ae08ee425b7ace25fb5f05bc8f3496 e31d4a0e426b39357ac9428cedd0564b753291a639a86ae21d83c75a49adac47 Loading...

	afribookmarket.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1	11 kB	2023-03-07	2024-04-18
Pretty URL afribookmarket.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:10 Last Seen2024-04-18 12:49:19 Times Seen542 Hash 0dc4a04efdf47cdf1389331779edfa2f 2ca9923fdce4e3e5d45c14bf61aff6c0b4964ffc 7441e843483c183606e93bc717055148574dad9bc39cb9ecfef062c1fb2d9e1a Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7	8.1 kB	2023-03-07	2024-01-24
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:32:27 Last Seen2024-01-24 16:19:56 Times Seen59 Hash 33ffd10e4a4b26c99527ab867558e4e2 d0fc55efe5a19d99e0b200233996901cdf278de5 6166bbbe822c144caad65abb563b0de8c337b32219cd9ca9903678bbeff0e768 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7	4.7 kB	2023-03-07	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:00 Last Seen2024-01-09 18:56:40 Times Seen42 Hash 2fcccb886658a5da9a450099b0b14ec3 f96ee83c1ff98c509c33ec2bb8b20707babfbc38 0cb252bd7da49a2d4b8a53730a6ca1bb912ed9ed25cb71718385613df7040e2d Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/jquery.countdown.min.js?ver=1.0.7	5.3 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/jquery.countdown.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 23:20:19 Times Seen7520 Hash 5d3ff3c3fbaa67cc639501f44eeb07be bd66e4cd58de09c198e7abc77fa4c883955d189e 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f Loading...

	afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0	25 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 04:54:53 Times Seen828 Hash 540be7a8259fbeaf4a732a344b267a7d ac51cc9bb5df51bd9568de8707b9b176f7d60254 a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485 Loading...

	afribookmarket.com/oesi/?qbot.zip	8.4 kB	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash f85dd9dde4c21e2941fa9729761b97bd d97e1917401cf885ab2b35201f360e666c6f5f89 35f0be625484042de2c0a4fc406d62ca94e2ff5ce81180155195bdae2fe7d169 Loading...

	afribookmarket.com/oesi/?qbot.zip	348 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash 12cf42ed75a9fe751ec2f86792641b64 99545203a3cc072b7fe23527dcceeec7b00e6fdf 4db54c2324d5bb93c90bae690f52c37e7f5bb50415f821703e07861d655c392c Loading...

	afribookmarket.com/oesi/?qbot.zip	96 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 00:33:27 Times Seen3551 Hash d8772bfb2ec7dec5262a932766aa1669 8440292e305868d90f6f15a3ea6975a3b9774f43 c19c2ee1fc048012374a6d75c822daf9b7c0d4ebef7ab8df1ab22b229a00d012 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0	2.9 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 05:04:06 Times Seen13991 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7	4.7 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:40 Times Seen10 Hash 420ecbe27e4b6715fb9c340b15ea3115 9e04ddad4c234c554f6555a722ef107c41598fab 6d19c7555eb8dd6802725c4d7805557d089512558d6701c20563551e16faf92c Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7	10 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:39 Times Seen11 Hash cec83cc572d422417e97ba2919de244a df1486d9f225092c15306d537bf2d9f9c9a46db4 56c46e9f5614570ccc810dfc40d37945f9bac352e6734a36da0b33a59eea6b79 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/popper.js/dist/umd/popper.min.js?ver=1.0.7	20 kB	2023-03-07	2024-04-24
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/popper.js/dist/umd/popper.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:07:09 Last Seen2024-04-24 23:01:14 Times Seen403 Hash 84910d80281fc6b554f4ae2d14612494 af6f046adaab7e1501adee034fb7c366b8c059fc 106b3d4f5c4c1ddbccd6078cf233e9a28f04675575551b26709cfc381c8434b0 Loading...

	afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0	15 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-26 00:33:29 Times Seen4426 Hash 157f18464a93eab7fb62a7f3e618ac2c f47727e80d529d6e4941fea32f2e8a8ee5008b8a 9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306 Loading...

	afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21	12 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 03:35:15 Times Seen2017 Hash 06a3b48689b0314af6c5da5b6ff27bfd a98a815d90cba195409d39bd74d31b1e6f9dbf95 4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7	9.3 kB	2023-03-11	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2024-01-09 18:56:40 Times Seen7 Hash bd1507bc1a5f90658d63ccb2f8397d48 a0b4ad72a6334f5fc531c714b78cfc6a23b87bda 61af0a4678ab67914f41772e9956bb432daab308a18afc5aeb0e6cbab966d12f Loading...

	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5	25 kB	2023-03-07	2024-04-25
Pretty URL afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:32 Last Seen2024-04-25 22:46:26 Times Seen911 Hash 7e539226482d5d4835f6da6642245c3f f367aac9dd8c86f072e73c11c6973f53465b6161 2f4cfbbc8e5ec834092f3e40158b5a1b1551fb0b8e5bb9894335bac7b49f913a Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7	45 kB	2023-03-07	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:44 Last Seen2024-01-09 18:56:40 Times Seen21 Hash e6190469e8f5631ed4159474cb151eb0 8734d96d1f95e11eb580c51891dd51a7e9580912 e3d8479c386e54240dba617aafc7d25e71a06a4af65467b9b8091b4c6fbdc411 Loading...

	afribookmarket.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0	1.8 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-26 05:04:06 Times Seen21609 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	afribookmarket.com/oesi/?qbot.zip	515 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:57 Last Seen2023-03-11 14:16:57 Times Seen1 Hash d0bda27d17744dee96adeecebcb9672b 55babe26b3baca59bf27de7b5dc72bcd3176bcef b90ff174b262b4d686dd2dfcaa1e542a79c2e8cae7748ad661eaf871c2269a9a Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7	1.6 kB	2023-03-07	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:00 Last Seen2024-01-09 18:56:40 Times Seen29 Hash 00dcbbefd607a075e2b1e210d90a20d1 255e41bb91e4de5b0172ea0857eaae34f240b5ee 5c57e2820fa19fe72f134b61a5fa3488cb3a902314d13d6054d0d873f34237d7 Loading...

	afribookmarket.com/oesi/?qbot.zip	32 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:05 Last Seen2024-04-26 06:05:24 Times Seen3397 Hash f28cdba8b1a33fab7b4935482c683e17 7fb92b438ae880e659636e12f78ecca1ab9dd1a9 76d9ab1fc9999540d0f7167df3325f71fbd86160eda576cb60f285b0e65d89a9 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7	14 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:39 Times Seen7 Hash e1412eebf3d84f6704c5c9aa0a261513 64b700b2844edc254170639fc402aef68ec926fc 9540d542549f6eff5018ca34bf3d7ea5e55ad8875530341df98cf0ac958f3e74 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7	5.1 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:51:27 Last Seen2024-01-09 18:56:39 Times Seen7 Hash a81f818c0284ef15df5cca5620058be1 8ee90b6f7f9538315776624d281a1b0baffbd4ab 85dba4f1d38b7f5244101b287a26c6a2b015bd58dfe37d8909e0e98ac771267f Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap/bootstrap.min.js?ver=1.0.7	58 kB	2023-03-07	2024-04-17
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap/bootstrap.min.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:59:21 Last Seen2024-04-17 23:58:54 Times Seen678 Hash cd02e741d8e847b6933f383c75c73043 8260ff4bf54350c075bc10d18e349d158e1a4af1 66907191e2befaf2e1e29ba4b6061db28ece17499e32345fbb23df562cf02d87 Loading...

	afribookmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-26
Pretty URL afribookmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-26 04:19:36 Times Seen31827 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	afribookmarket.com/oesi/?qbot.zip	152 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-26 05:04:05 Times Seen19932 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	afribookmarket.com/oesi/?qbot.zip	237 B	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:58 Last Seen2023-03-11 14:16:58 Times Seen1 Hash e2a5a3277a931bb38e1ac6a6d69be6db 6d3a62cdf4227cb883b399a0ce2d0842601708b1 2d48752ff53ed815797c1e4dadb10add5322ca1ee17f21efb23a25d6d13eb5cb Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.malihu-scrollbar.js?ver=1.0.7	2.1 kB	2023-03-08	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.malihu-scrollbar.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:24:09 Last Seen2024-01-09 18:56:40 Times Seen19 Hash be456792968b38020f75eb721ca45e72 13cf1751a1807baf9f677e30fb1bf9d2fd420e01 ccefb4e10947ad06eb502a2a2e1af1b05e0e8e68364f0ffb6ab7002d299cc268 Loading...

	afribookmarket.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8	32 kB	2023-03-08	2024-04-16
Pretty URL afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:29 Last Seen2024-04-16 12:00:10 Times Seen128 Hash 221849366766d33d502fc4e834ede6a7 515296e17cefc33563ed684f857f76ccaf3120f7 11baea68c49d9db48a69c542cefa35a229d6a89c31676e84d9912d4fdf2f5154 Loading...

	afribookmarket.com/oesi/?qbot.zip	1.4 kB	2023-03-11	2023-03-11
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 14:16:58 Last Seen2023-03-11 14:16:58 Times Seen1 Hash fbe2cb1b5eddda5b48bcd5a4e14b4cd1 bcca03ca0c878e8c82e6c2be6becee08f75331e5 2e057d220f19bacc39fba825e81ee115d8891b21800fa4384853cb3a44129e28 Loading...

	afribookmarket.com/oesi/?qbot.zip	491 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-26 00:33:27 Times Seen2044 Hash eda0861d93eea53c3286b2fd93d2e42d 979767d815a8847b00fe1d45a5757fdf67b8ca1b 6e799f88d7836b96f8d81538a375039937e497b6a103bd1d259dfef980fdf926 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js	2.8 kB	2023-03-07	2024-04-25
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:38 Last Seen2024-04-25 09:08:20 Times Seen3382 Hash d5843dbdc71ff8014a5eafd346a262da 127e1d971efab9341db8079f10663dc28e8e0a2f 8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5 Loading...

	afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7	2.6 kB	2023-03-07	2024-01-09
Pretty URL afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7 IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:18:00 Last Seen2024-01-09 18:56:40 Times Seen37 Hash 434056bd890f49c89bb287c6b67e4dfa bc5e2470453faf516d8a8cbc4a2db8661cf6ab75 bc6ea6eb667dfd8c5b0548541ef2b380906d9cca026293c0cd0d7d7554ca5a79 Loading...

	afribookmarket.com/oesi/?qbot.zip	9 B	2023-03-07	2024-04-26
Pretty URL afribookmarket.com/oesi/?qbot.zip IP 63.250.38.5 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 06:23:25 Times Seen16151 Hash 5e543256c480ac577d30f76f9120eb74 d5d4cd07616a542891b7ec2d0257b3a24b69856e eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c Loading...

HTTP Transactions (111)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
30c30d01178fc74ac5266ee64c3ee85b
c0c2af8a864c00aa85a8775d55f85ab107150a3b
c15644f69fbfeb99074c7e9711dfc9452ee164fa78eb981b6bae4fb7e3585f2a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C15644F69FBFEB99074C7E9711DFC9452EE164FA78EB981B6BAE4FB7E3585F2A"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2237
Expires: Sat, 19 Nov 2022 01:29:59 GMT
Date: Sat, 19 Nov 2022 00:52:42 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67f53a639d57dd6237b5be86fe4f6c1b
287f09532dc331228d09c20b75f4160e91e9800a
41913a8af366685c42af59e9d8e02fccedbe68a3313d2d9fe353deb0c1019075

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5360
Cache-Control: max-age=126465
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:42 GMT
Etag: "63775eeb-1d7"
Expires: Sun, 20 Nov 2022 12:00:27 GMT
Last-Modified: Fri, 18 Nov 2022 10:31:07 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e84f361a3c81abc5d665a5f441452a8
7aa4b9cb0a7ba1daa514dbb48fe8e74fdf09b60d
04d64920cc8e6b096841938b0c1140889f5d7a04eabd440934a31f1c7ab90352

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04D64920CC8E6B096841938B0C1140889F5D7A04EABD440934A31F1C7AB90352"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4595
Expires: Sat, 19 Nov 2022 02:09:17 GMT
Date: Sat, 19 Nov 2022 00:52:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 00:45:04 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 458
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: DrWI9591zi6vYKEESHjn4Qnuwr+KToe9k7dk8fgWgessFCqG3/AaXV6Tp7dsl6AVTw+7aqn3hP8=
x-amz-request-id: FCX744S5BWYWN5ME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 00:15:48 GMT
age: 2214
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 00:52:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d0f9a92f0e49f46e778ceb3e2a379ae3
c4d8be7651489aa56b2d8d8cc14d4e301d195f15
4eb1c17bb79f59460093697f5a8f8fd936dbe82b30728cfa9273d3f1dba40727

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 00:52:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 17 Nov 2022 01:18:00 GMT
Expires: Thu, 24 Nov 2022 01:17:59 GMT
Etag: "c4d8be7651489aa56b2d8d8cc14d4e301d195f15"
Cache-Control: max-age=432915,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76c4f6f89bd0b4e8-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 00:44:49 GMT
cache-control: public,max-age=3600
age: 474
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fe40cc6ea871d80382b6082111393fbe
281f75d0a35dc8ef908bb0500e57abd86bd5388e
6d15422cdf7a6d72d06497188f27af893682314e82ac8a189a0ee2d798cb62d7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3524
Cache-Control: max-age=119577
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:43 GMT
Etag: "63774b30-1d7"
Expires: Sun, 20 Nov 2022 10:05:40 GMT
Last-Modified: Fri, 18 Nov 2022 09:06:56 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.38.146.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.38.146.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YPIrgZBxJyecV9k4lJXIZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1M7PQl9fKzn2sGHaMhPKqoQaWtc=

afribookmarket.com/oesi/index.php?qbot.zip

63.250.38.5

301 Moved Permanently

0 B

URL HTTP/2
afribookmarket.com/oesi/index.php?qbot.zip
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /oesi/index.php?qbot.zip HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://afribookmarket.com/oesi/?qbot.zip
x-litespeed-cache: miss
content-length: 0
date: Sat, 19 Nov 2022 00:52:43 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4456
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Sat, 19 Nov 2022 00:52:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4456
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Sat, 19 Nov 2022 00:52:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
17af07b019100dc8adb529ce85f827bd
602adaa722e9a3ee89600ebe40cea7033c435483
aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4456
Expires: Sat, 19 Nov 2022 02:07:00 GMT
Date: Sat, 19 Nov 2022 00:52:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11249 bytes)
Hash
481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dl79nhvE2ms6WR92t9I2_w19T3CRh6V7ZGj3UVureNERNmxywD3k8A==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 03:36:29 GMT
age: 76575
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9146 bytes)
Hash
11bb9d337001b4d155c63b05a0dd9945
14de1c48a2fe80b5947945c9ffa9630f03c5447a
8ee6d3a2f6dec36c49361ef855edeb170e92fbeff29d2ed77c7fd0cf44cfecf5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e1d1acd-0ae6-485d-9dd4-2c0c8271a9d3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9146
x-amzn-requestid: e42f040e-a2f9-4538-bbaf-f1e64719f424
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brsmpGr5oAMFsmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748e2a-15b03190049271db549b1770;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:15:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: OjQm2RW65ZJDsUNay0untDwlufnFhXHwbpfAnCwEK3seEDiPIKrnfQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 09:25:03 GMT
age: 55661
etag: "14de1c48a2fe80b5947945c9ffa9630f03c5447a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.1 kB (6103 bytes)
Hash
84839dd7a1d5d50d40a848e92d3ae6ca
150c83236b3518afce551ef94e2c3dddc275ce3f
fb9fffd5dafa855d3f16aefcdf31f656ea5219547a91b336ab41a998ead28050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ca9564d-7ca4-4217-8162-042e0f55563e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6103
x-amzn-requestid: 4f0d1ea8-611c-48cf-be66-dd26b6d56a93
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubTBFxDoAMFfYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5ac-4222e7656cb7a56b557d5b13;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YM0BFDOdbIGTHNyKQWEyo2iBlYCd7FqHVuMp9zeFC-4tiGYKTI4qIg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 03:41:36 GMT
age: 76268
etag: "150c83236b3518afce551ef94e2c3dddc275ce3f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141ee43e-4742-4784-a9a2-359cfa7ac9a3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9681 bytes)
Hash
859348e84041e7934b7f959f087a3679
583310946175391015cb46fcfa476cca96ebb9a9
7fba6813b2d8f06a6098b2c628580190b094c79e300744506344a3febc5f06de

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141ee43e-4742-4784-a9a2-359cfa7ac9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9681
x-amzn-requestid: c786a64b-40d2-4de1-adee-3a6ee4d791ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brlnQGuWoAMF_Wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637482fb-02471a5a3d5f299d33f7b026;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 06:28:11 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Vaw_JJDie7z-IE1-40wBV8wW2dlZi8TKXbf3I0ZWw4NrtWZkHT2yCg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 16:42:12 GMT
age: 29432
etag: "583310946175391015cb46fcfa476cca96ebb9a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8059 bytes)
Hash
dd028e5379061f8bf0d569506979a05a
7896c55cb0bf1997f1e9ab31028b04c332bd6f10
f8a32af3451f196bd2ded7065923a3ad5392c0dd3a82c53cf03a948d183cbf9f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f739db7-4732-4b66-9c50-59fa4416df43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: c1d671d3-b2fd-4783-88d4-9214e79110c8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubp2F_poAMFXEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a63e-4be65dc658902d1246ef61de;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:10:54 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: faNrkVWTpgsV8lGKV-6ol3UYu0747uJcA9fzMiXlSonLf39x5ziOWg==
via: 1.1 518e9e955219df783352433cc5e90672.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 03:36:26 GMT
age: 76578
etag: "7896c55cb0bf1997f1e9ab31028b04c332bd6f10"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.9 kB (4851 bytes)
Hash
459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SFO5-C3, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 03:30:57 GMT
age: 76907
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afribookmarket.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

63.250.38.5

200 OK

982 B

URL HTTP/2
afribookmarket.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4186), with no line terminators
Size
982 B (982 bytes)
Hash
24f4d7f425e792ab35adaab50816e54a
9e25bf79b674ddb7ba09ad7f118c50ec473c02c8
1c78bfb4d523785a4ebd37bb1f79f214f9bdb16673f7cc50805f7f1a26ad7f83

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 08 Jun 2019 06:15:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 982
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

63.250.38.5

200 OK

2.4 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.4 kB (2394 bytes)
Hash
ce94f62588d05264ac0148712111cb11
518bcd922f54169aeb199c0ccbc5877165ac218e
84ab658a69c39f424be0b27f61d612447d01606fce33beb962cbea53627d8c81

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Wed, 30 Sep 2020 01:23:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2394
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/css/classic-themes.min.css?ver=1

63.250.38.5

200 OK

217 B

URL HTTP/2
afribookmarket.com/wp-includes/css/classic-themes.min.css?ver=1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5

63.250.38.5

200 OK

1.8 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (10435), with no line terminators
Size
1.8 kB (1754 bytes)
Hash
f7237084ac82ea6a4f5bf1448c3a2148
60457635a5e809ee1199c61090d8e33b91e8e1f2
18a1cb7f08c1ace52a79f46d73461ed03bf8cf5c9e8a3687eacc3e04f08e7a09

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.7.5 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 00:12:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1754
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
feaeba711c7421b074e726f89ff34e0b
c590c0b76a7a78ab51a4dabcd8f20a1b172b02fb
ebe6e312ea7116713547fbd756805843b1c242ad22269158a79305f1819fa990

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afribookmarket.com/oesi/?qbot.zip

63.250.38.5

404 Not Found

29 kB

URL HTTP/2
afribookmarket.com/oesi/?qbot.zip
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10124), with CRLF, LF line terminators
Size
29 kB (29323 bytes)
Hash
950b6adeeee211422ae93c735db1e497
f7255992da78fc4e32194a0f6914122278498349
9d3cd132703a51902baef232bdac029af476193b8df81efbde1d16b75e5fe9d4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /oesi/?qbot.zip HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.33
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://afribookmarket.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 1cb_HTTP.404,1cb_404,1cb_URL.9d89442c7600b27c37bd4e25b36d7aaf,1cb_
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Sat, 19 Nov 2022 00:52:44 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/mas-woocommerce-brands/assets/css/style.css?ver=1.0.6

63.250.38.5

200 OK

525 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/mas-woocommerce-brands/assets/css/style.css?ver=1.0.6
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2792), with no line terminators
Size
525 B (525 bytes)
Hash
45c7c5ff0f26fc7367aa7f5819d69f33
4540a85d152b0e821f743c6926393844eb2e9a66
45a12f5059b18fc20889ef06005c2f01a55e38b3f68ff06f7d2b1f6c5f2bd596

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/mas-woocommerce-brands/assets/css/style.css?ver=1.0.6 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 08:49:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 525
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21

63.250.38.5

200 OK

1.1 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.1 kB (1060 bytes)
Hash
263b70217f905feda4c01edde0b2737a
5ee9d3538967433d441e6aa357bf166724200523
1c82d8152cb3112b7df9b40a89ac28db20e51562266c13d392e8530fc06cd5ce

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Tue, 28 Apr 2020 20:38:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1060
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235

63.250.38.5

200 OK

3.2 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (14979), with no line terminators
Size
3.2 kB (3174 bytes)
Hash
0062beea511654369ca51739fe76be5b
d6f7b3d277f3f4ed4c91d95ff8538482cb9ce75c
690b373a81288b5c6d40ce5b038c0b859244f2ca078ca96e7c571cbb51656d69

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wp-store-locator/css/styles.min.css?ver=2.2.235 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 13:07:11 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3174
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

63.250.38.5

200 OK

12 kB

URL HTTP/2
afribookmarket.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Thu, 17 Nov 2022 22:01:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5

63.250.38.5

200 OK

23 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
23 kB (22871 bytes)
Hash
0c6730c96c60030ddaf42fcf5daf3b17
feb4c0071f27718582e58d365022a1b559de5765
d996bec53b493bc579754f29f7d6d0b5332f3354c860a3787e2365a79c44f995

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.7.5 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Thu, 03 Nov 2022 20:38:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 22871
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/flaticon.css?ver=1.0.7

63.250.38.5

200 OK

671 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/flaticon.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
671 B (671 bytes)
Hash
c1b561a813e68026dc24c67395934abc
3ef12e98a3b6389f806eb31e748e8242c30781b3
1ae121c0403d4190ffccba98ac64a76dead2b6e1fb2b3ae09d377c49afd675b9

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/flaticon/font/flaticon.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 671
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/animate.css/animate.css?ver=1.0.7

63.250.38.5

200 OK

4.4 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/animate.css/animate.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.4 kB (4442 bytes)
Hash
9838d06672d8dabb6cfba516c9034aeb
bb9ea78d9f292462c90e7cd579fd5f9085a110a5
44c724fb3304db7244a7397fb73231a3840e48c26cdf103ead3c49b887326167

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/animate.css/animate.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4442
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/css/bootstrap-select.min.css?ver=1.0.7

63.250.38.5

200 OK

1.8 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/css/bootstrap-select.min.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9568)
Size
1.8 kB (1766 bytes)
Hash
5e3cf4d2224eaa28aab5362e9851e406
b5b6612840cbab2231a5b31f470579e269d8872a
1824653c3ff3909e886a149b41c9765eb7528c70fbf88ee65784c091d8d46caa

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/css/bootstrap-select.min.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1766
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.css?ver=1.0.7

63.250.38.5

200 OK

483 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
483 B (483 bytes)
Hash
1e4f6b1a5456c5cefdd025118bf4e6b5
5713171df86af73933ccb408bd352ae4267fd196
80a0639fa558bbfef356bcdbf900c4586b7b51834efcec690384317ec52c7676

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 483
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.css?ver=1.0.7

63.250.38.5

200 OK

3.6 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (344)
Size
3.6 kB (3592 bytes)
Hash
11df774af7a20a8dfb2e802668ef0e82
a3fc2ffdcceae60ae9cd826dcada9881251f605d
1ff56a211384bc68f474a7feda16d82ee8dd4adaa8ea196033879cdaec491bd3

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3592
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.css?ver=1.0.7

63.250.38.5

200 OK

5.3 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
5.3 kB (5310 bytes)
Hash
8daf0c095e45fb483ce411415edc5441
93e00ecf1ce4f7985fe9c44a57b11f41e48b4923
5a8c1ab360c73ebc303f2ab45fb9963e4f96907685a979984f61f678f4b41f23

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5310
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/css/bookworm-icons.css?ver=1.0.7

63.250.38.5

200 OK

1.8 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/css/bookworm-icons.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1842 bytes)
Hash
5a1e92f983ded166523c29a2ed221464
9e687dba833914f15961c6bd856e88c2edc9bce6
22afd456a0cc87330b6802b44bda06ffde22e4700f4ccf70fc0e94e9d083b32a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/css/bookworm-icons.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1842
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/css/colors/red.css?ver=1.0.7

63.250.38.5

200 OK

822 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/css/colors/red.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
assembler source, ASCII text
Size
822 B (822 bytes)
Hash
cdf24a0bbfc5013c290af846e446a203
76a342839ef0be1ed28b67d1f0daba04df226a5e
a4801f35dd5deeead2fef21eb58f438dfbd150f88354dfb63b0bd97536d4de9e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/css/colors/red.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 822
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

63.250.38.5

200 OK

4.0 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1

63.250.38.5

200 OK

4.3 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/vendor/react.min.js?ver=17.0.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11082)
Size
4.3 kB (4285 bytes)
Hash
37ba49127420039aa947a0576265d685
d7a41dbe4d9493d8cb03a18035978d9a00d7cbd6
7e6c361ab2be11ceae26483006ca5bd8f5e663ae0c4a94b70c9c1c620a6ac38c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/react.min.js?ver=17.0.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 13 Apr 2022 00:42:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4285
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

63.250.38.5

200 OK

6.3 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Size
6.3 kB (6335 bytes)
Hash
fecbc00e8af71d8cfb678cd811c7cb2e
44e5dd77f62cb5c67271442b75cdff10d45f2f8d
d6f03fb4728d0c23251451df8d66b5107d3c87458dc624aacfbad437e99d01f1

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6335
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

63.250.38.5

200 OK

2.4 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6

63.250.38.5

200 OK

493 B

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1104)
Size
493 B (493 bytes)
Hash
7588dbcae1ffe1ccc32edd47ada41e96
668e7bb441f6964586f8715ccd984676001e24b3
eecc99db9c696e17d6f944cc88c5dfd49520451624ad1da6d64622aae5541e82

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/escape-html.min.js?ver=03e27a7b6ae14f7afaa6 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 21:34:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 493
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7

63.250.38.5

200 OK

3.5 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (404)
Size
3.5 kB (3501 bytes)
Hash
d4f8fafe6b6ad75570ca1b07e4847021
ea19320c0d76562608b84f1a582f1764606b21d9
5a2a8d460083cc94d903087f5a7503328cf8890dbb908afc1c7a251c3b14688a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.slick-carousel.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3501
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b

63.250.38.5

200 OK

4.7 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7680)
Size
4.7 kB (4705 bytes)
Hash
61ce7e162bdb5fe5d0d07eeb024a08ef
240fefea97e483ebfaab7784186eb27b594b57b8
78473845cb5a9c8ea7cd8c4c13b3163d114177cdf721d074e985ef42bedf90e5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/element.min.js?ver=47162ff4492c7ec4956b HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 01:13:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4705
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7

63.250.38.5

200 OK

1.8 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1790 bytes)
Hash
3ae125877f4a520dc925e6d5aa313293
73a3b727eed63c28b7725abcd29eceb05ffa468b
f7fd0c2abbd5535bffae6cef39f3753b6e8059c3a36ad2dc6adf4498b687f820

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.countdown.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1790
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7

63.250.38.5

200 OK

1.2 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.2 kB (1232 bytes)
Hash
86376895695a41a7d5cf180969904550
25aedfe7e143456beec51bb2eb316028a26e45ed
1e75e985f6698eeea7709b7c008f55988ad950fef2b0550a6ea714297c3ff7c2

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/hs.core.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1232
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8

63.250.38.5

200 OK

5.3 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (40956)
Size
5.3 kB (5307 bytes)
Hash
dbb717777cdc1af3d2dbebdecc971dab
096cd5c70502e2a0ae60820716894ca55cdc55fe
b79e296795cf1c10e91e134dc5a84a4405239eef5c47173078faff91fdb3eddf

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/css/wpforms-full.min.css?ver=1.7.8 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5307
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/popper.js/dist/umd/popper.min.js?ver=1.0.7

63.250.38.5

200 OK

7.0 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/popper.js/dist/umd/popper.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20363)
Size
7.0 kB (7007 bytes)
Hash
99dce4f24d461ecbd569c921d11461fd
5ddb3aa23a141abf9f5b11730fe805f8c9e5e44e
d7a7c1b1fddc091b269d73a4968d2b24fa4c0881cc0b57853f6cb4b45cd2cc86

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/popper.js/dist/umd/popper.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7007
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/jquery.countdown.min.js?ver=1.0.7

63.250.38.5

200 OK

2.2 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/jquery.countdown.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4136)
Size
2.2 kB (2238 bytes)
Hash
34ae27a14c6bd0b97adf30d7e95b58f1
4d749b45dd156a57bd1899816d4ae9c1912220c9
84f9cbde735393b7d9d808b41f0bf37d6dc2e91be301da73f91ab49dcf07a608

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/jquery.countdown.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2238
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0

63.250.38.5

200 OK

6.2 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (24951), with no line terminators
Size
6.2 kB (6249 bytes)
Hash
a8cadbc3c514fca4b31fd8d98bd99922
503b0d92ee27b87f4a7f9c5163d25bbadd90bd38
79bf34585f2d00399b1eb5020da9085931f5cb56fdfe643d4db3713959a2e2f0

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.15.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sun, 19 Jun 2022 18:19:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6249
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0

63.250.38.5

200 OK

3.2 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9111)
Size
3.2 kB (3247 bytes)
Hash
078e27719ab2b91e57a3d06d05bf24d8
ee2c8af72d9dbb148d4101a374f6026d0c9c3044
1c8b599f3f7bfa8d7950d95a171f2c873d051960a91c91e22304293596e5b890

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.1.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 00:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3247
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0

63.250.38.5

200 OK

3.5 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Size
3.5 kB (3500 bytes)
Hash
8e3bd2af5dfce9709733e4adabb032ad
94aa210458d7103cecb401ef0a71100ea48c2ed7
a24331f6cb5f0d263a8aa7a78e9105ec5956f82162f30d718fd23fb325d7b669

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 18 Feb 2021 16:35:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3500
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6

63.250.38.5

200 OK

5.4 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (21310), with no line terminators
Size
5.4 kB (5350 bytes)
Hash
33081d75af44148dbfd85f7f8f4382ff
a2bac4c76a6a40839a6682df66eb40cd8c4d470d
b8dad2c0f7d74cdfcf2b9f96a17f72886b64edab3e392f7d72df15e1c1ac3119

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 23:16:40 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5350
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/css/fontawesome-all.min.css?ver=1.0.7

63.250.38.5

200 OK

12 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/css/fontawesome-all.min.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57147)
Size
12 kB (11958 bytes)
Hash
78ba0f087a3b65e4df54645db2ecb9f9
e6793c9bb3f372c21fe3e5b3cc89c0a7828b138d
d0287475b0c28072e8a4f3cd952703a4af634cf84b32a186a6c8f3baed0aaaa4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/font-awesome/css/fontawesome-all.min.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11958
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/css/cubeportfolio.min.css?ver=1.0.7

63.250.38.5

200 OK

12 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/css/cubeportfolio.min.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65254)
Size
12 kB (12080 bytes)
Hash
586560bfdcdda5c3f60a63d6035567aa
2adc16ae4dd9ded86e26d243c0b4bf075cd0feb2
336eab3cf226680dc55f2a094b88dd321f860cd95297504272901ee350753770

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/cubeportfolio/css/cubeportfolio.min.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12080
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1

63.250.38.5

200 OK

16 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
16 kB (15569 bytes)
Hash
689ebe98eda70de6e971dd03b18f0328
218ed8ee8e28b44f8492660c2c750f47ae0b3447
945844c773bb0f2ed5f1fb8d2f5ff8a4b9471860df265eda71fa679ff98ea80f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 17:51:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15569
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7

63.250.38.5

200 OK

10 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (42862)
Size
10 kB (10097 bytes)
Hash
09ed72c756aef05979d1c10d176eeb7a
1f3c35043f1aae481a38b40327fefb959ff63885
8638bee02f96fc15e4a3dae0ae220e31f020ee0b10c8eb5f829d9986b3fc53c4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/slick-carousel/slick/slick.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10097
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap/bootstrap.min.js?ver=1.0.7

63.250.38.5

200 OK

15 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap/bootstrap.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57791)
Size
15 kB (14733 bytes)
Hash
49b924c7e2e5212444b2aa7295d2f50e
69336f38681bf08d49fa417a58b6f5b386258e3e
6e2eae0217bec6b0d044515261ca9272a82456fdc222b573c4f1089f966d265b

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/bootstrap/bootstrap.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14733
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/uploads/2022/10/cropped-cropped-flyer_20221019065317_2.jpg

63.250.38.5

200 OK

4.7 kB

URL HTTP/2
afribookmarket.com/wp-content/uploads/2022/10/cropped-cropped-flyer_20221019065317_2.jpg
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 340x87, components 3\012- data
Size
4.7 kB (4676 bytes)
Hash
d3cde76f355bc6a44d8c073eff6cc847
4971f000455f338998891253e482c5949f98dd5b
07f042b9e4981c3f89a45644db6763f8ce8edb03cdb8c45113d914dffd2f62d5

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/cropped-cropped-flyer_20221019065317_2.jpg HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 14:08:18 GMT
accept-ranges: bytes
content-length: 4676
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0

63.250.38.5

200 OK

899 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.1.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 20 Jan 2021 04:55:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 899
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0

63.250.38.5

200 OK

972 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (3029), with no line terminators
Size
972 B (972 bytes)
Hash
5ed77e0c59800f40061b5c322cff21fa
ced9d401d300dd1fc676a673bbf7e6360beb402d
3b284b8a096256e6cd0d9cbf2cb4b36505e71c0d7b2227fcd3132dddbeea18cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.1.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 19 Oct 2022 00:34:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 972
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21

63.250.38.5

200 OK

4.5 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11827)
Size
4.5 kB (4457 bytes)
Hash
ad837a8d18fb12f3db5d03cef2956caa
520179c7b4cd32f94386f4576e439e3689e18747
b6618604f7dadbad0b877cf727356465919707ceec7965c340adeca61d824b36

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Tue, 28 Apr 2020 20:38:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4457
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0

63.250.38.5

200 OK

677 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.1.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Tue, 18 May 2021 21:00:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1

63.250.38.5

200 OK

1.2 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4602), with no line terminators
Size
1.2 kB (1201 bytes)
Hash
6a5cf02c457796835cd28c6197b3b064
c58cdd6ea85cc624e313c7cfec9ed2d27e609703
d596e6c774b8f750e18905d4279d8dc1adbe532b7b6faf90241e01eede68d44a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.20.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 11:31:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1201
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0

63.250.38.5

200 OK

934 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.1.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 24 Nov 2021 03:30:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 934
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7

63.250.38.5

200 OK

1.6 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.6 kB (1568 bytes)
Hash
9d79874687d5bdb15d3a362cefce3bb4
114a657b2d13278d29e23115302347fb71ec375f
4730b08af7b45815adb127d9ce7540d7bbaa8e21151395c2fbd5ac91674207ec

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/multilevel-sliding-mobile-menu/dist/jquery.zeynep.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1568
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7

63.250.38.5

200 OK

2.2 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.2 kB (2239 bytes)
Hash
3e9dea41a25cfa5f5030b42db31a015c
6a895deaa8867bef7168e97430048e37e28480e2
dc89d146662e08f1c31d226ee22ae38282dadf21335ec222d38bf1a0947ca4f9

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/appear.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2239
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7

63.250.38.5

200 OK

3.1 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.1 kB (3052 bytes)
Hash
8b8bf866201c9b307a3ad74ecc1136cb
59e868e273b5a019949defbd6e66ef721bc66eb5
423d2c08073a3e5d1e69f0e4d4882349b19d6f397b5ae5d01d47e6c97dd7f87d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.unfold.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3052
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7

63.250.38.5

200 OK

4.3 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.3 kB (4275 bytes)
Hash
d806a242ded7380eec27f946cc504079
874b15dc8943fa7f9dfd60c6fe4bb13b4e49b0a5
4455df51ccb4e1d45e00d83e148cb964c25f448efe921c2908aba81d7a6dba99

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.header.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4275
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7

63.250.38.5

200 OK

582 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
582 B (582 bytes)
Hash
ccccf3be917079c3a4a8c943eae61915
ff07c112e893c02e75ada29e647878e7baf85460
7832b2b89d6acc0dfe53d4faf260b623b704dcbd1a2cadbefdb15ebeea291457

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.selectpicker.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 582
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7

63.250.38.5

200 OK

1.3 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.3 kB (1342 bytes)
Hash
b64acdaf3cb5bddd2c542254c3d0d90c
2b984827ca2fdbcf25c8d0dc31b17a390f3e5bb0
86ecedeec82e7922558fef45d63232ff319d71a76cbdc16669fb3e34f09ccc2a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.fancybox.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1342
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.quantity-counter.js?ver=1.0.7

63.250.38.5

200 OK

594 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.quantity-counter.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
594 B (594 bytes)
Hash
f030112f7d4142963a398668142d4294
c22efdda1bc1767b4bedf8d1cdaa8b5d1ba29db8
18a0cacdf5255e7d2615d14c1d12a8f9540a0915436a0f5076f88c88a4de0c04

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.quantity-counter.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 594
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.malihu-scrollbar.js?ver=1.0.7

63.250.38.5

200 OK

672 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.malihu-scrollbar.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
672 B (672 bytes)
Hash
99be771670ff64f13ce86472b3a32041
9776414fb12db6b37efab374a2847b29dfe81fb3
12dfb3c92b4800d69b9979d071ea34228d406cc0248cea3139c90dd30b78998d

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.malihu-scrollbar.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 672
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.scroll-nav.js?ver=1.0.7

63.250.38.5

200 OK

2.0 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.scroll-nav.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.0 kB (1951 bytes)
Hash
9b9fdc30cc62f0088b4d72c06b8b32bd
6db1f681933a50f98b8cf695a2ad956716d86a6c
8ac973144e474720294bc814ccb90ac7b66656eda82861dc44fc25db608cc1af

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.scroll-nav.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1951
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7

63.250.38.5

200 OK

1.2 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.2 kB (1194 bytes)
Hash
276aed8f27349c04586fcd0395923a9d
829f21977b994d3effbf1062d39a2f9a9e49628a
14858616944569e4ea2bf4e431ab85744012f01f8e39ce678f3a9e0a0e3abc53

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.onscroll-animation.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1194
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7

63.250.38.5

200 OK

775 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
775 B (775 bytes)
Hash
844ce9a66aff0c8d47ecd36c4ed349bc
7e53906f56d611dbfdc770bdb980d2dcb1fdc661
63dc738e14aa1318687a20573938d14662db5d69ad7c2f4fa2171aded3025831

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.show-animation.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 775
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.cubeportfolio.js?ver=1.0.7

63.250.38.5

200 OK

1.4 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.cubeportfolio.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.4 kB (1369 bytes)
Hash
d7e802708a4698809eb25597a2ab1f60
b06dfaf501820653bef2428561e21c79507e28d9
816df5ee0844f507bfd7b8c3318c6cade48931952a83ddbd9876448bc2e4026e

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.cubeportfolio.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1369
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7

63.250.38.5

200 OK

2.3 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
assembler source, ASCII text
Size
2.3 kB (2256 bytes)
Hash
e1d5225e67e7f889029879865446b9d9
a5fcf0e51dc83b30b1164513a7123a37898b6af0
d8159a861c3b4d288e0f4bdd9b19fd8c36e13f16d0fc80cf4246cfab8ac94993

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/bookworm.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2256
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0

63.250.38.5

200 OK

833 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1713), with no line terminators
Size
833 B (833 bytes)
Hash
08f4f71fba69b46947b1cb8dd287308c
e78a529644bd145de9d1363d31934a9de12ae062
ce1890fdec2706b513d60978f087f69c191e4e577ecec0ffe9727c06d176aec1

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/lib/punycode.min.js?ver=1.0.0 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 833
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

63.250.38.5

200 OK

4.6 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8

63.250.38.5

200 OK

174 B

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with no line terminators
Size
174 B (174 bytes)
Hash
df8d6b24a870f878b16510e5dca1631d
588d0f674156a3208cee87b897af15f40854e484
499999d720ab71bdffc4e0115b8b05e1d5997f12e482426546a58a00edd77f74

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/utils.min.js?ver=1.7.8 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-length: 174
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5

63.250.38.5

200 OK

7.7 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (24463)
Size
7.7 kB (7677 bytes)
Hash
6dd52359af796b867c2dee4255caa52e
7f21b4f744f9bf32b1b5d6a44dae4fa4b75cfd21
4b198541955ce022c655ce5599eddd70cb33afccb09467c1b8287b862d2ef0bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/lib/jquery.validate.min.js?ver=1.19.5 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7677
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7

63.250.38.5

200 OK

1.1 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.1 kB (1121 bytes)
Hash
1470b02620f48785a5b2d24eb064ac96
9abe0cf31acf1f73799a2f860555d21e30f75cd4
cbd5c63d39e2f9dacab7e8d23bf35c54b014c763448e64c301aea176fab3e656

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/js/components/hs.go-to.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1121
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2

63.250.38.5

200 OK

1.6 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
C source, ASCII text, with very long lines (4014), with no line terminators
Size
1.6 kB (1615 bytes)
Hash
204e049174229ff4ff265a32906604d3
1fe2ba0e482195116eab6850f8c2f8503fc92b8f
f1efb1329e736df7f94205dcd235a22b3f866b951aa7154b75e4b298b56baf21

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/lib/mailcheck.min.js?ver=1.1.2 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1615
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

63.250.38.5

200 OK

30 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1

63.250.38.5

200 OK

37 kB

URL HTTP/2
afribookmarket.com/wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65290)
Size
37 kB (37061 bytes)
Hash
fc627ea4d5ac5207df2e986c8277863d
caacc0607a7826051e822f8cc8084dd942454d33
775574d89973db5568ec1ba850614f6c0480b73950f1232196d4ca8a6289b820

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-includes/js/dist/vendor/react-dom.min.js?ver=17.0.1 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Wed, 13 Apr 2022 00:42:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37061
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3

63.250.38.5

200 OK

51 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (64369)
Size
51 kB (51337 bytes)
Hash
bc07b553028a3b58dadb222967c190a5
57990de4cc91b02b603bdb18af4314addd7307b4
470e19aecfa66efc2abd5e3fc229f465eb8ec88d24818a9b3bced9debc7323ef

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/bookwormgb/dist/frontend_blocks.js?ver=1.1.3 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 13:06:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 51337
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.concat.min.js?ver=1.0.7

63.250.38.5

200 OK

11 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.concat.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (39884), with no line terminators
Size
11 kB (11343 bytes)
Hash
0b6c9703ced84a83f1cfec2d888097cf
06f99779bfcce6f0ac964a62ce936c2c7a05e82d
1731badfb560a424c8c3612273f7ecffb15f953598dc1e731bfb7d53b8d3b193

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/malihu-custom-scrollbar-plugin/jquery.mCustomScrollbar.concat.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11343
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.min.js?ver=1.0.7

63.250.38.5

200 OK

16 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (32007)
Size
16 kB (16186 bytes)
Hash
6ebdee323c77ec9ca887ad7949edd864
660cea0db24aa48df4fceb6fe65a8ec8e47187df
6456be1a27f13f80d741b30ab75e95f024b398d78d6ce4d3baf8851e516541e5

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/fancybox/jquery.fancybox.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16186
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/js/jquery.cubeportfolio.min.js?ver=1.0.7

63.250.38.5

200 OK

19 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/cubeportfolio/js/jquery.cubeportfolio.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65259)
Size
19 kB (18688 bytes)
Hash
7b6f50fb32c571ce2146ef67b64084bb
bfe453004a9ce2d920d8c0f822d6e317e73f5613
344c4930bb27a63065526050a5ab96787ff537c46796e01fb0b5ebd77c00edbe

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/cubeportfolio/js/jquery.cubeportfolio.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18688
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8

63.250.38.5

200 OK

9.3 kB

URL HTTP/2
afribookmarket.com/wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32390), with no line terminators
Size
9.3 kB (9337 bytes)
Hash
9d4d65fb96c906b9a22c005ef652d30a
03218309668302df04d56bd528487f55eeee888a
f5cfd56ba8d09ded1b2ef24f6375b460ef10f2a9a4648b61851b1f3cc767679a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/plugins/wpforms-lite/assets/js/wpforms.min.js?ver=1.7.8 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Thu, 10 Nov 2022 17:24:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9337
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c58de690a701dea26333a42815dc3003
91d9e60c285f6578b5d814901a90f52cafbb8790
179d035993138ec5fdb0b2bf1987888f751903e959af09e335ada210be842ca6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.195

200 OK

38 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Size
38 kB (37924 bytes)
Hash
e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afribookmarket.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 06:03:56 GMT
expires: Fri, 17 Nov 2023 06:03:56 GMT
cache-control: public, max-age=31536000
age: 154131
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2

216.58.207.195

200 OK

57 kB

URL HTTP/2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 56968, version 1.0\012- data
Size
57 kB (56968 bytes)
Hash
6256ef56b938ba30869c7a60d12e9600
2740fa67137026e4fae386baa827129dbd8b8490
45606f837ab8530c01f3602592ed7a118450be4ef3f629ca644d0543099e5c6b

HTTP Headers

GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa25L7SUc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://afribookmarket.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 56968
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 15:25:51 GMT
expires: Sat, 18 Nov 2023 15:25:51 GMT
cache-control: public, max-age=31536000
age: 34016
last-modified: Mon, 11 Jul 2022 21:29:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js

104.17.24.14

200 OK

1.0 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2609)
Size
1.0 kB (1046 bytes)
Hash
f56bc0a6837b34f783f73cd70cd9f2c1
a093b6f45674f1cac3ccc35498eb1a5945f7dde9
0c67ee4dc6af2a5a0b020d3e2e5b049720e516bb4faf6b0b60bd96bf3eba1199

HTTP Headers

GET /ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 19 Nov 2022 00:52:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec2-ad3"
last-modified: Mon, 04 May 2020 16:11:46 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8748732
expires: Thu, 09 Nov 2023 00:52:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCbok8lMDlzHqBE5msKdakXKkefzpUozUJXQgppmr1OIL7po80HZeU0huuQgRp1sZ%2BYHNgrdqXq8MyrPmwyWT6wLF3lOUp3MVOHms3Fh5Qw%2FPwdxlANFhkRvBt%2BBG1Hxy0YmXjZD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76c4f71269261bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 00:52:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

pixel.wp.com/g.gif?v=ext&blog=211827636&post=0&tz=0&srv=afribookmarket.com&j=1%3A11.5.1&host=afribookmarket.com&ref=&fcp=0&rand=0.2274991509538894

192.0.76.3

200 OK

50 B

URL HTTP/2
pixel.wp.com/g.gif?v=ext&blog=211827636&post=0&tz=0&srv=afribookmarket.com&j=1%3A11.5.1&host=afribookmarket.com&ref=&fcp=0&rand=0.2274991509538894
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
GIF image data, version 89a, 6 x 5\012- data
Size
50 B (50 bytes)
Hash
e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

HTTP Headers

GET /g.gif?v=ext&blog=211827636&post=0&tz=0&srv=afribookmarket.com&j=1%3A11.5.1&host=afribookmarket.com&ref=&fcp=0&rand=0.2274991509538894 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 00:52:47 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/Flaticon.woff2

63.250.38.5

200 OK

7.9 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/Flaticon.woff2
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 7872, version 1.0\012- data
Size
7.9 kB (7872 bytes)
Hash
0f6016747c48d55b0eea64ed1de94c76
e1491eb5fab4fe3b2077c4147f2963d119169824
2ff70b6d19b2342b30a498e3259c647ee9ab5b059c2af13babbda10f3d6cbd9f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/flaticon/font/Flaticon.woff2 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://afribookmarket.com/wp-content/themes/bookworm/assets/vendor/flaticon/font/flaticon.css?ver=1.0.7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:47 GMT
content-type: font/woff2
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-length: 7872
date: Sat, 19 Nov 2022 00:52:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/webfonts/fa-solid-900.woff2

63.250.38.5

200 OK

76 kB

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/webfonts/fa-solid-900.woff2
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 76120, version 330.-16188\012- data
Size
76 kB (76120 bytes)
Hash
55eb2a60e8181f0e68b558c991973bf0
af776f52d579da211590e0691d554b88a69dfe61
2c3097237d60f42e800ebe4009c9af144bb19e5581e1c0501c7b259eee7e210c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://afribookmarket.com/wp-content/themes/bookworm/assets/vendor/font-awesome/css/fontawesome-all.min.css?ver=1.0.7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:47 GMT
content-type: font/woff2
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-length: 76120
date: Sat, 19 Nov 2022 00:52:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/uploads/2022/10/flyer_20221019070153_2-e1666361051897.jpg

63.250.38.5

200 OK

9.5 kB

URL HTTP/2
afribookmarket.com/wp-content/uploads/2022/10/flyer_20221019070153_2-e1666361051897.jpg
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 399x235, components 3\012- data
Size
9.5 kB (9536 bytes)
Hash
29db97bf426491300f521960147721ab
613951c83ebf8fc5612e9e1abf924a0d4522219f
d94f71cf027f39f2db464b344fd875157061d778301b21630b53befd05d9ee06

Detections

Analyzer	Verdict	Alert
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/uploads/2022/10/flyer_20221019070153_2-e1666361051897.jpg HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:47 GMT
content-type: image/jpeg
last-modified: Fri, 21 Oct 2022 14:04:11 GMT
accept-ranges: bytes
content-length: 9536
date: Sat, 19 Nov 2022 00:52:47 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

stats.wp.com/e-202246.js

192.0.76.3

200 OK

6.1 kB

URL HTTP/2
stats.wp.com/e-202246.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type
ASCII text, with very long lines (2690)
Size
6.1 kB (6073 bytes)
Hash
8654c1114404a9767d7c5f2f175b290d
a7abe921d167c573f8303118a352c063b9efd377
5095cd32cc71995a266ad749bd723694bf772515d508b45eb2455c6ace9786c7

HTTP Headers

GET /e-202246.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 00:52:45 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Sun, 05 Nov 2023 21:02:58 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/style.css?ver=1.0.7

63.250.38.5

200 OK

0 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/style.css?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/style.css?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: text/css
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 77623
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

afribookmarket.com/?wc-ajax=get_refreshed_fragments

63.250.38.5

200 OK

0 B

URL HTTP/2
afribookmarket.com/?wc-ajax=get_refreshed_fragments
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://afribookmarket.com
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Cookie: tk_or=%22%22; tk_r3d=%22%22; tk_lr=%22%22
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
access-control-allow-origin: https://afribookmarket.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: 1cb_HTTP.200,1cb_HTTP.200
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
date: Sat, 19 Nov 2022 00:52:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

stats.wp.com/s-202246.js

192.0.76.3

200 OK

0 B

URL HTTP/2
stats.wp.com/s-202246.js
IP
192.0.76.3:0
ASN
#2635 AUTOMATTIC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /s-202246.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 00:52:45 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-2494"
content-encoding: br
expires: Mon, 13 Nov 2023 23:50:14 GMT
cache-control: max-age=31536000
x-nc: HIT arn
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@400;500;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Inter:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 19 Nov 2022 00:52:45 GMT
date: Sat, 19 Nov 2022 00:52:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7

63.250.38.5

200 OK

0 B

URL HTTP/2
afribookmarket.com/wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7
IP
63.250.38.5:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
mnemonic_dns	Sinkholed
quad9	Sinkholed

HTTP Headers

GET /wp-content/themes/bookworm/assets/vendor/bootstrap-select/dist/js/bootstrap-select.min.js?ver=1.0.7 HTTP/1.1
Host: afribookmarket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afribookmarket.com/oesi/?qbot.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 26 Nov 2022 00:52:45 GMT
content-type: application/javascript
last-modified: Sat, 15 Oct 2022 12:33:33 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12604
date: Sat, 19 Nov 2022 00:52:45 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (67)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations