Report - ps.rovedar.com/

Report Overview

Submitted URL
ps.rovedar.com/
IP
168.119.149.7
ASN
#24940 Hetzner Online GmbH
Submitted
2022-09-02 08:41:02
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
96

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	6.3 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	44.240.207.158
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	88 kB	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.6 kB	53 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	19 kB	216.58.211.10
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
rovedar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	530 B	116.202.195.240
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	336 B	1.9 kB	23.36.79.17
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
ps.rovedar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	37 kB	918 kB	168.119.149.7

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-02	medium	ps.rovedar.com/	Malware
2022-09-02	medium	ps.rovedar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/post-4296.css?ver=1662050606	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/global.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/elementor/css/post-6507.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607	Malware
2022-09-02	medium	ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	Malware
2022-09-02	medium	ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4	Malware
2022-09-02	medium	ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2	Malware
2022-09-02	medium	ps.rovedar.com/	Malware
2022-09-02	medium	ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (38)

	URL	Size	First Seen	Last Seen
	ps.rovedar.com/	190 B	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 2261aefd9275b02786fd1ad84bb9d276 008f4b402811564752af687c2efc2bc5b29074e7 509a142c17d257a9655cde8e5ce6fa0d50270790c8547247bcc208947997bd64 Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 06:13:12 Times Seen5360 Hash 4eee50ac6f4f364ba3a284d0753ddae3 a8e7e824e6824ae0b370ff36e2c07ca07276fae0 b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753	20 kB	2023-03-07	2024-02-21
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-02-21 23:53:09 Times Seen142 Hash f6d857d8e4baa2da4ef6c5c750b6747e 8a773384904f8187801b2d2539cb848e0c41be51 a82822b63b7efc8a7c147a1010533785a8f781fbe8ea22769d4e1ccd2df12765 Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4	33 kB	2023-03-07	2024-03-31
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen285 Hash 2c14a310ba03d9514354cd88cd85e9d4 ad5b3ec8dc78535ef8d1c726281d451516a96105 2d8fc0e5133c54c9c9d83aa54e7f6dd38cff44322a98a83c3a688f3bd96cc6b9 Loading...

	ps.rovedar.com/	135 B	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-25 13:07:04 Times Seen26594 Hash 3f82b089cf163a5417b3edb4687151f7 28436f92ab540ff08b12fdefddc7da67ba0f04f7 5ba9af6f12e99663f8f04285ef3d4ffd4cdbca820bccbc2dda9c40f805b5a850 Loading...

	ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1	90 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:27 Last Seen2024-04-25 09:25:37 Times Seen23026 Hash 00727d1d5d9c90f7de826f1a4a9cc632 ea61688671d0c3044f2c5b2f2c4af0a6620ac6c2 a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74 Loading...

	ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4	5.6 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-25 09:08:19 Times Seen30969 Hash 3a56752b736635bf69cb069b8818cbfd 42e0951fe74bb3f56a30f51291823bcd4a84d76e ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869 Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2	12 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 13:12:29 Times Seen52743 Hash 3819c3569da71daec283a75483735f7e ecd40a5cc6f0b76200c454ca880210dc301cfab8 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0 Loading...

	ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 04:27:26 Times Seen38041 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2	2.1 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen22395 Hash b72c1cbb1530a011a27bd9800f26765a 27b825c5d8255f33b8427a059d4545ebd65e1746 a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8 Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753	71 B	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:09 Last Seen2024-04-25 12:31:56 Times Seen966 Hash 2e69ad2b1a30e8f89971cb6912f079cf fe425f207b5ca32effaf1827173b16715a32e6a5 1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c Loading...

	ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0	13 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2024-04-25 08:42:46 Times Seen76202 Hash 5cfa2b481de6e87c2190a0e3538515d8 0fccf3c8ab2c10b4dcc7970e64ce997ab1622f68 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3 Loading...

	ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-24
Pretty URL ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-24 15:27:20 Times Seen2051 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:22:14 Times Seen37063329 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1	11 kB	2023-03-07	2024-04-24
Pretty URL ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-24 18:24:18 Times Seen348 Hash 0ee357a183287d64fcf277f66d532e6d b45721bde387037ac73347020edb890ac4a77814 7ce6eb9cd7f07b424c34ee977214503668ae5e137d07b3fe0a37373e57686ebf Loading...

	ps.rovedar.com/	152 B	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 13:07:04 Times Seen19914 Hash b8c40bf7c92768058d743847cccdb147 4fbbbcb2dda4d05e2e58bf43330c559b4165fc0b 7872ff233c7b2bfa962f491d0575e71f0b0b487bc63899ff4c72c7c9d5197688 Loading...

	ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2	2.9 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen13977 Hash 0fd625c3991a4015814cffdc88e2fc82 d7c2f53e058210ff3ea773297641008bab71a5f3 2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1 Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4	40 kB	2023-03-07	2024-03-31
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2024-03-31 15:07:38 Times Seen353 Hash 7036d87210ae766b2d8655fe7b11095d 1817102e57db7be2b61e900076f9d2e39e44e050 5bc95c7fb8d4a568a7966755e750aa5392a39abe08521d3b4895442de86a1678 Loading...

	ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-24
Pretty URL ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen3653 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	ps.rovedar.com/	141 B	2023-03-07	2023-04-08
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-04-08 23:42:32 Times Seen3 Hash faad8c560818e26401542976be44c359 b252c36fefe3a659620a00614a1e3c017dbacd65 18eaa8009186a41d77c980397cf7210798f99232b0383d0e1a40d37ff25f5475 Loading...

	ps.rovedar.com/	5.0 kB	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 362b3dc0b09b46bae4f5680acc845674 1eda864ca0d7c001a89fd94969682739064b862e 9437331352601d3cfcf5251af87703e56548fdc35370c2d232719db41296075d Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753	1.7 kB	2023-03-07	2024-04-21
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2024-04-21 15:30:28 Times Seen541 Hash a1c36aeb7a1e465a24899cbeaab3a3a6 8fb84b7536d214fefbf1d7d65ad887a4a441d4e9 358d031ae310f2f7949026440ade6a6e0d1bf52733503156366796bf2d401347 Loading...

	ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2	9.5 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen1881 Hash a5451283952efd5df49466bbeace6911 dce405842471c303c3d8fd6fa3c084aa56a71029 f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4	43 kB	2023-03-07	2024-01-18
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:39 Last Seen2024-01-18 02:46:52 Times Seen91 Hash fc8dd6d88a62995abec61c99dac42f83 11bb5f9be920a11e687e43e778ac3270f7c9a759 35a2740a4178fe70e9d5f108e3f27d30cbc573747d12cdd494af9180e2773f16 Loading...

	ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2	8.2 kB	2023-03-07	2023-03-26
Pretty URL ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-26 06:38:03 Times Seen9 Hash 9ce22383324e03a2248bdbbe1723ba07 e6e5f211c6b21f4d1ec081115afe2d0f521fa292 492be58a6c862314d47c6de6e7419fd4a9e6fb033f3b64e0ffc5a6cfcb6531e3 Loading...

	ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10	6.6 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 06:13:10 Times Seen4093 Hash e16a8821e5f099c3a619889ea7cf0399 a38e0c736aaf0b019b29b63b00e68c1381502217 a48dea362116d7516a2cf97066a32758d353760ee02dbf900ddff86b02a16473 Loading...

	ps.rovedar.com/	294 B	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 2e0f5d4a834e394304e7ad8b826a4eae de99b8913b5c07aa2576994a305c22f5f7887d54 beb23840057cccffbd67544614f5fc6bfe1b8f39421472b7a24a27bc395c09fd Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753	40 kB	2023-03-07	2024-01-24
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-01-24 12:21:14 Times Seen17 Hash a38fe70177e77d3da36fdc1858fb9b0d a3ea09fb48ffeb42d35313a8d5a0785a704b0491 f178cd056f2ee04434f11164ac477cd8ddfd5ab73e124162e431f5e71d62661f Loading...

	ps.rovedar.com/	725 B	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 3b5380373885a3a7544455f4da6a1c82 952f01dc9f43b6ee903fa26e526ff83bc5f6a197 7e3c4f73de0c5a605f80c24358ea518f228d5626b0401ca8bda6e3fb2d1431de Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753	5.1 kB	2023-03-07	2024-03-14
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-03-14 19:42:55 Times Seen392 Hash a59b06ecad84a5f2d5c7e4a94491b7b6 3d65ec8a17cd89c221484a5ec250c7767c82797d a0fadfcb29de9d60aa0ef729fca932b7c31910e4a096864010157b123ec9f4d7 Loading...

	ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753	1.5 kB	2023-03-07	2024-02-21
Pretty URL ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:08 Last Seen2024-02-21 23:53:09 Times Seen116 Hash e80bf3210f6195a4a69b6b45b804159a ed3b9631cc90ff6424c6d062cb9b9698c78a71d1 a8b6b9f877b915ca8f49e6485d1ad88f4447328341b2aa53e35ecd16fd1c62de Loading...

	ps.rovedar.com/	2.2 kB	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 1eb498a3dd9ba9f1273c583790372448 35c27980d6eee126661e012f8e93f470d5e4db57 b4b4280811de25fde996e683874d648686f32cd7549142e92874b4c7016878c9 Loading...

	ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1	25 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 06:13:11 Times Seen16605 Hash 046405de007ff73e52d17dab2af75258 887cfb8a9de27005875f6e1c1d1ead43bd0865c8 533e264cc615ee4601da8d2c1dee4a8987319e53d4d7162272f067fbbf250020 Loading...

	ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6	139 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 13:07:05 Times Seen23160 Hash 15bb2b8491fc7e84137d65f610e1685a cd76b70a5426893e9c022b9a75c50a7c1348e2d0 b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804 Loading...

	ps.rovedar.com/	289 B	2023-03-07	2023-03-07
Pretty URL ps.rovedar.com/ IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:52 Last Seen2023-03-07 12:08:52 Times Seen1 Hash 242ce237576b6669f57aeafdf2187b0e 4c5c13420bc88d4da19cb525294a4a02a58eef6c 33370f4f33bfff8f61a90590cc3d13bb38a4365b9e095d04f3c4f072564b0b6c Loading...

	ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2	1.8 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-25 13:07:05 Times Seen21598 Hash d0a6d8547c66b0d7b0172466558d1208 ff93916519c7b9483251f609e4d29f38c30a66e3 3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612 Loading...

	ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1	3.4 kB	2023-03-07	2024-04-24
Pretty URL ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-24 18:24:18 Times Seen626 Hash 5c38aa6d5b98586ca2ba973ab8b4b6b1 8215983363ea0d74f99368336404b0d27217778f 7c4dcab706e6bf67c64df89d3f5e137cb19efa293771613f511aff1ad563a6df Loading...

	ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2	3.0 kB	2023-03-07	2024-04-25
Pretty URL ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2 IP 168.119.149.7 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 11:53:55 Times Seen29282 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

HTTP Transactions (118)

URL IP Response Size

ps.rovedar.com/

168.119.149.7

301 Moved Permanently

707 B

URL HTTP/1.1
ps.rovedar.com/
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 02 Sep 2022 08:40:51 GMT
server: LiteSpeed
location: https://ps.rovedar.com/
vary: User-Agent

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9407
Expires: Fri, 02 Sep 2022 11:17:38 GMT
Date: Fri, 02 Sep 2022 08:40:51 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 07:41:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kO5cSKNkAaIf3VA4DgeD-o9tL9HPRigaoekmhH66Hlv9d5HdRNdSzg==
Age: 3549

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oM7-tdv9cfGTB2NWkymjRU4YeM37ffAmU7svPpXcEG4dxswQoRkLIA==
age: 26735
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 08:40:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

dvcasha2.ocsp-certum.com/

23.36.79.17

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
23.36.79.17:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
7acd74974d3bca3271899552103744e1
2ee187b88b603c8f212fc28135d249bb9961b69e
7f2b83a6a0424a1686b3a65feebc66943a4380af818af2ead44037ed920ba8e3

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: MISS
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 02 Sep 2022 08:40:52 GMT
Connection: keep-alive
X-N: S

ps.rovedar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

168.119.149.7

200 OK

11 kB

URL HTTP/2
ps.rovedar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (43771)
Size
11 kB (10946 bytes)
Hash
d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 22:21:30 GMT
etag: "15b64-62cdf3ea-54e3dd413a01acdf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0

168.119.149.7

200 OK

1.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4933), with no line terminators
Size
1.1 kB (1109 bytes)
Hash
8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:24 GMT
etag: "1345-6307b2a0-25c93014ef64711a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1109
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0

168.119.149.7

200 OK

21 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
21 kB (20786 bytes)
Hash
844842439ba060ee255a40ec00e69ff5
a37c3b78aeea3c7d58a6e59bfa99ff3d81ec5b8c
169af0ea951379b0d2a47976e8e76c6684fb2c92146e23c31e57079b9cacdba2

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:23 GMT
etag: "333cb-6307b29f-ff093e48fdbcb834;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20786
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

168.119.149.7

200 OK

848 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "aab-6310e00e-db1076ad16a75f48;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2

168.119.149.7

200 OK

12 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
12 kB (12264 bytes)
Hash
0fba55d96f1648182326c68925f66925
fa8487bbe2d2420165c8e62f3fbfb5b200ce2328
bc8f0c7c5bf53b26afa88bbc7bd70ec0a53f9fa5597b55d156bcce560ce2e899

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:33 GMT
etag: "122c2-62686d25-8cf10e370298be88;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12264
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2

168.119.149.7

200 OK

4.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (26440), with CRLF line terminators
Size
4.0 kB (3953 bytes)
Hash
55c03b3085a914443ec03aa6af329cab
3edef0d06fcdef95c24acd0663aee37bf9dfa840
9fcf789a291f096becb1efb1e75e5146f4bd9b3278764ea3437652b804b775b5

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:31 GMT
etag: "6805-62686d23-e052aec3c5d567cd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3953
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2

168.119.149.7

200 OK

4.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (41682)
Size
4.0 kB (4039 bytes)
Hash
264b5cf393a3934d95a58d1acaa6d8a4
572cbf94d0205050213663032e3472a9f87aaec4
64c64cd8f9dc4aa4cd87b1a2c743906b8b8d4b7275128dea9e23d8b540f46b27

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:33 GMT
etag: "aabd-62686d25-e5d44a5d9468359d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4039
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2

168.119.149.7

200 OK

31 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
31 kB (31219 bytes)
Hash
f8a772e0e44feafe423a71cb5b327309
b0424e28b43e3acb656819fd34da2a7d463a9667
29eff15ec2b8f67aebc9a6b580e0d4d4b4b6fa0e48121d3216f55b4fa1cd9bec

HTTP Headers

GET /wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 19 Jun 2022 09:40:54 GMT
etag: "294f1-62aeef26-ed3c53dbf1e5de6c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 31219
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2

168.119.149.7

200 OK

4.3 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
4.3 kB (4272 bytes)
Hash
1beafd6195acbf777ded6b074d031e81
60857bc249f60b5de59f05641785a1210b6592f6
e963a9423f29a05c69af18264b3e3c0c3502f1e4e97562afeed5bc6134ee857d

HTTP Headers

GET /wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 19 Jun 2022 09:40:53 GMT
etag: "5c7b-62aeef25-57050d1b4f1f08b7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4272
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2

168.119.149.7

200 OK

2.3 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (17809), with no line terminators
Size
2.3 kB (2329 bytes)
Hash
09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "4591-6307b28a-fd12e13b74f7527e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2329
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2

168.119.149.7

200 OK

8.4 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Size
8.4 kB (8432 bytes)
Hash
60aea8fe062ea93aa6dfa342ea23b7fd
bf9a4843acf8f1f116ef2cae7fb40a9a2f37253a
7db430ef3124de87a8a33cf0ffe134a86bff67de803eea16f4b3ed4d2d569d4f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:00 GMT
etag: "f523-6307b288-c340e5bea1105640;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8432
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2

168.119.149.7

200 OK

3.7 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
3.7 kB (3744 bytes)
Hash
2f2f1b7717c9a3018da674a8bc0a2804
95c93d135332439e835b825f0de70edb8dc4fe66
ae54926b859f44d15e5a3dc5fe205523cbb59c208c7e6c07e60198b6a48bb9b5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 05:57:49 GMT
etag: "5d91-62f9e05d-7da352c38a9890cb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3744
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2

168.119.149.7

200 OK

1.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6387), with no line terminators
Size
1.1 kB (1052 bytes)
Hash
414e2c36ee2d70ba4f238bb9a49930af
1d5ff1f10c0fa59dd18a42b075c3d6acf371d7d1
e59ad248e2be0bfac533e6122152e72349dab7ef9e1837793723216c0226446f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 05:57:49 GMT
etag: "18f3-62f9e05d-d77dfcc674928856;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1052
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0

168.119.149.7

200 OK

3.6 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (19233)
Size
3.6 kB (3629 bytes)
Hash
af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:38 GMT
etag: "4b4f-6310e04a-180086f68045a2ad;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3629
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4

168.119.149.7

200 OK

741 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (13766)
Size
741 B (741 bytes)
Hash
5c4b4ae69c514982d8e32ee57f3d5184
e4a867626d7329783b023dad2b5ec82a3f56953e
78b1902aae7d2ce3b60c5def9854aa45762744c7dc99ede1f26c48da8a173175

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:19 GMT
etag: "35ed-6310e037-23a1603e49fdda4f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 741
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/post-4296.css?ver=1662050606

168.119.149.7

200 OK

365 B

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/post-4296.css?ver=1662050606
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1331), with no line terminators
Size
365 B (365 bytes)
Hash
be0ea536308ad6872228a28b1178b449
04d1ea6fda4eb49aa8ee0a2a34d459aac92041b9
2f82bae1b36d69b3314d0d7b52fb5e757d1211dcb0401316b1249f42a43d678f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-4296.css?ver=1662050606 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:26 GMT
etag: "533-6310e12e-5471590c9b99f6d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 365
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10

168.119.149.7

200 OK

22 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65492)
Size
22 kB (21617 bytes)
Hash
cf17765339c358f662f0b485e05b3d8b
f93370f6df67fceba23de2857f5cf37cb7369cf6
0708320b9ca5aebdff083bbc76f5742a64e3b3299a2c61337afeff80b9e6e8b4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "33812-607da986-56765f478a2d99ff;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21617
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/global.css?ver=1662050607

168.119.149.7

200 OK

3.4 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/global.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (20817), with CRLF, LF line terminators
Size
3.4 kB (3373 bytes)
Hash
85df4fecf75791e15b5d8acb5ee09cca
ab5229a4f6a0c5a489d372c65cd4978e7261aecb
13f0a01fbdbf92fb8bf3fa8d8cc1925c1fd71cdb409074ff741f6466725c2550

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/global.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "dc24-6310e12f-7532b155c7cc7edd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3373
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607

168.119.149.7

200 OK

2.5 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (19116), with no line terminators
Size
2.5 kB (2506 bytes)
Hash
948e84b8f5d067b58e3f9e01ee3d0df9
4f4f2bfe3d895d111f578a998f3b9c74b6356155
d009426476a3d776228b56bce11c1532a9cabd6ab1fe485e3ab933cf928827c3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5253.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "4aae-6310e12f-894db53ab877335c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2506
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12

168.119.149.7

200 OK

768 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3921)
Size
768 B (768 bytes)
Hash
8a61a7fcc559ba63e12e78a2cf3ad768
be5bb9051e0a8907ba3ce65bb1b9466d6487de67
8e16ea2ef67934229c001d14860d3dfef45f9bfb4f23bf561df450597b824f38

HTTP Headers

GET /wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:40:31 GMT
etag: "f52-6310e07f-46339d80e525e81c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 768
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607

168.119.149.7

200 OK

1.3 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (7040)
Size
1.3 kB (1287 bytes)
Hash
aaff20b9b23bdf8be25b08fe532cd992
28303abd9cc4cea4ad3fced587068b7034ee8eb3
45d0b2d4821e776331a71c136fa39d134b7b9dc9048f75118d8723438e10dc57

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-5254.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "25a5-6310e12f-b4cefb098b1a92e3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1287
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607

168.119.149.7

200 OK

1.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (13028), with no line terminators
Size
1.1 kB (1127 bytes)
Hash
c870046dc6a588fd453fdd08344b5896
9ef2eaa183b0b16a3394def3c0d989fd0d279802
0b77038a2241e52b26884a0a60d9e35f7437bff28c831e280d4925088dc6445f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6442.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "32e4-6310e12f-5ad11013f63027b2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1127
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/elementor/css/post-6507.css?ver=1662050607

168.119.149.7

200 OK

367 B

URL HTTP/2
ps.rovedar.com/wp-content/uploads/elementor/css/post-6507.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3217), with no line terminators
Size
367 B (367 bytes)
Hash
b528caafa008b516f0f9f90375cbcd35
d4c9b89d0b1534093d4fbd97f50096f844769141
4bdfb38548d1d3234e18f3f50e2106367285cdb4b5486081893eea785feef2fa

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/elementor/css/post-6507.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "c91-6310e12f-30150d31953198ad;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 367
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3

168.119.149.7

200 OK

286 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (483)
Size
286 B (286 bytes)
Hash
8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:33 GMT
etag: "29d-6310e045-764fe7f277b8754f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 286
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1

168.119.149.7

200 OK

30 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65447)
Size
30 kB (30317 bytes)
Hash
1f61f1e3c65ebf3864b053f2a777e001
d05eb3e253a1debcef62940a75b267102a906679
47d06924181247732d1d63ec1309057e0a82caa350b870153781421cc656be5a

HTTP Headers

GET /wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 14:29:02 GMT
etag: "15e40-630b7bae-c79d2860ae5ae9d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30317
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0

168.119.149.7

200 OK

4.6 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (13326)
Size
4.6 kB (4603 bytes)
Hash
568016071783b5bf3c5258bf25f7b8a8
8906e1f88561cace5403446edbb94d6ac6b84928
a31775416df1c287f423ade3554bf255281a718a3fe4193aff196a46532ccb09

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 14:29:02 GMT
etag: "3470-630b7bae-c9b5c98ac5571a16;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4603
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2

168.119.149.7

200 OK

2.4 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (1109), with CRLF line terminators
Size
2.4 kB (2357 bytes)
Hash
6f802dd176132debae1fd10c6ba1f9ba
237b16d69032778d84d4b852753a9bb6ebed6481
04c2e0df57aa9f6719362334138b0738017d6244d5209aca784d6dd0c35e4973

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:19:08 GMT
etag: "1fe4-630776cc-99248093d0708ca2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2357
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css

168.119.149.7

200 OK

1.5 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (26053), with no line terminators
Size
1.5 kB (1539 bytes)
Hash
5639e4329fc2bd97ef94f1260781166a
554d440071df8ed105686daa38d6417f098e1ffc
355f6c40fcb2d2e7d9dd9c63d0dd980c4344d7f4b45cf6f078df23be853ef0a9

HTTP Headers

GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 06 Feb 2022 21:12:45 GMT
etag: "65c5-620039cd-55d5ee19f82553a1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1539
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css

168.119.149.7

200 OK

516 B

URL HTTP/2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with CRLF line terminators
Size
516 B (516 bytes)
Hash
c02ff8d97199592481d1a4eb51592e7e
2d0be7b3ad891f2a5ec0d85a19c340b79e5ca726
a0bf9b92233ba5cecbb19c6e3a15a5cf16b1401a455bfc2a41af2235d526ac8f

HTTP Headers

GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 06 Feb 2022 21:12:45 GMT
etag: "e72-620039cd-80ba8d41549e55c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 516
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css

168.119.149.7

200 OK

12 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (55566)
Size
12 kB (11711 bytes)
Hash
4f55b569c93d063120210a6859cab84a
8c1065b740ae27bb5d9e71a308433b2547f68b9b
b3a66914862beaeab2e9c1a6c65066ea6ed7bcc6162c4c640ee45d5078717df4

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:50 GMT
etag: "d9c7-61fa13fe-78f0b782053c691;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11711
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css

168.119.149.7

200 OK

4.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (26440)
Size
4.0 kB (3950 bytes)
Hash
a2e2887e666bfc0b5029000ea6baa077
b081b105977789d47a9195f3d5b7b1f8c6417746
f43840e5ec035343b73d070304d320677d7f92e278ede50e36878c1617d881bb

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:50 GMT
etag: "6801-61fa13fe-ca8e992c3ed6b194;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3950
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css

168.119.149.7

200 OK

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
1.2 kB (1240 bytes)
Hash
df4c73e3f7df1ce66271a0009be8746b
f52ce409d36a2520a7216b5298f555d0a2c4df0b
9916d83442986660168a8faefd30de79af048d14651ec1715ceb6bbdf5470096

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:54 GMT
etag: "1288-61fa1402-959bdce7841b176b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1240
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4

168.119.149.7

200 OK

2.4 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (10019)
Size
2.4 kB (2442 bytes)
Hash
d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "4824-6310e048-cf46cd4d91c8e1b7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2442
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

168.119.149.7

200 OK

2.8 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (9680), with no line terminators
Size
2.8 kB (2799 bytes)
Hash
8a91034fce0e4a2464d2170d38d31382
f00c20cfcbd136ee9aa20d07085c10f470548fe4
1a8f0bcd2b76caf977b08ed30bdd29eb77405ca4c1fe2315b41f8fe2542f1528

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "25d0-6310e00e-2f7c054ccb5c20fe;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2799
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

168.119.149.7

200 OK

3.7 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
3.7 kB (3689 bytes)
Hash
b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "2fb3-6310e00e-d97877251baabdde;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3689
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2

168.119.149.7

200 OK

3.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (9115)
Size
3.2 kB (3245 bytes)
Hash
66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "2525-6307b28a-cab1e2b1bbed3ca0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3245
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2

168.119.149.7

200 OK

899 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (1668)
Size
899 B (899 bytes)
Hash
22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:03 GMT
etag: "72a-6307b28b-148617a1a8ff6097;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 899
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85

168.119.149.7

403 Forbidden

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1229 bytes)
Hash
836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3

168.119.149.7

200 OK

12 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (57726)
Size
12 kB (12133 bytes)
Hash
f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:33 GMT
etag: "e238-6310e045-db14f73ffa66797d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12133
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607

168.119.149.7

200 OK

143 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
assembler source, ASCII text, with very long lines (33237)
Size
143 kB (142727 bytes)
Hash
0868b9c3a4e17ebe3e497f6b35a8bd1f
62f2e94ca3b8302b5d56b99fa5c1d1418ead5fbb
5319a5b8f2f4fbcf965f59801ccd3b9695040197366fd967e0a69abab0ec0287

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 19:13:22 GMT
etag: "121c37-621a7bd2-b0e5721e7450b403;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 142727
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 08:38:16 GMT
Expires: Fri, 02 Sep 2022 09:15:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GPsUy0Rdw44lPA8XxCBHDJikPE98QvWXazbDqa9USBRql4PWcLjYrg==
Age: 156

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Last-Modified: Fri, 02 Sep 2022 07:18:44 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4

168.119.149.7

200 OK

1.7 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (5477)
Size
1.7 kB (1733 bytes)
Hash
fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:57:57 GMT
etag: "15fd-630771d5-340681e6cb2e9a5d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1733
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4

168.119.149.7

200 OK

2.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (4918)
Size
2.0 kB (2044 bytes)
Hash
5bdb04863f888d472d03a3205f7f7a8b
3758dcce12cf8c4f294cc9951aa6f38e6b15a282
ca27a8bc03b726be34834cf353304800de7ce76097903c592416e3be851acf74

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:30 GMT
etag: "135d-6310e042-8c45ff3f27b16f38;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2044
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10

168.119.149.7

200 OK

1.8 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (6595), with no line terminators
Size
1.8 kB (1767 bytes)
Hash
bc7ad49bba8c6fece75cf20e318bde6d
329866570ac3995fb33f1f6b55e6ea3d3c85d25b
479c4099528678e6689805bc618a02c300d62a0f5b41800672c57fb1a458a50e

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "19c3-607da986-d2ae81a031127375;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1767
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10

168.119.149.7

200 OK

46 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (47738), with LF, NEL line terminators
Size
46 kB (45635 bytes)
Hash
3794b437ae8b5f19e685c54f76491c93
e9aa7637ef02ed02ed3e089557836e6c6d0d73cf
21e0599531b97296b70ec9977a7037f5587f967c7e72770bf89d5c68cffa6bc5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "2e01c-607da986-4b339b86e007b526;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45635
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2

168.119.149.7

200 OK

2.9 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (12198), with no line terminators
Size
2.9 kB (2867 bytes)
Hash
869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "2fa6-6310e048-d460d1d741a4615;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2867
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4

168.119.149.7

200 OK

1.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2620), with no line terminators
Size
1.0 kB (1047 bytes)
Hash
906c4decdcd32482c1cf583b07925d30
30e726b9febb4b651544266df656a21251f0e8e3
53f86e9641d0e35772d6b54294cc6dd685fb9a376a1baad151da120fef609423

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:30 GMT
etag: "a3c-6310e042-16f99d7ab13a1f0d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1047
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

168.119.149.7

200 OK

3.3 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (10544)
Size
3.3 kB (3268 bytes)
Hash
3821415a39954c48c7927e661467c6b8
dfe1116a0efc9898cb6caf094213880da83d6990
5f7f5b28f47c366a0bb70435dc3b2253278222c92429f013084f71fd7d29a32e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "29ba-6310e048-f05752e734c28fff;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3268
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2

168.119.149.7

200 OK

677 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "85b-6307b28a-fb6177f958bcd065;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 677
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2

168.119.149.7

200 OK

934 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2938), with no line terminators
Size
934 B (934 bytes)
Hash
cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "b7a-6307b28a-79d052977091384a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 934
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1

168.119.149.7

200 OK

1.0 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (3233)
Size
1.0 kB (1000 bytes)
Hash
9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:02:33 GMT
etag: "d53-630772e9-30b6e25e37deb1df;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1

168.119.149.7

200 OK

3.0 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (10572)
Size
3.0 kB (3000 bytes)
Hash
4d91b181c899d08e40a921209ff01a35
a1fab39994e7a3a0bd3669e4d90867bdcb4c92fe
f03654a085cb9f742b777444c1a0d98925dbc1cae16f9d9c634eaadad6633dde

HTTP Headers

GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:51:56 GMT
etag: "29ff-6307706c-71f3ae95f343e4e8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3000
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753

168.119.149.7

200 OK

6.0 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (580)
Size
6.0 kB (6036 bytes)
Hash
be48b21b5201b47ae4287b7e9c42d0e0
24153843137521a3c31b6f93d684d6111f9bf711
8f2f68c21e2f0ba92ab7162ccfa75aadf50d105885f3b2a1575e5a964e2cb34a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "4dc9-62f9e05f-b58cd8cdb9e8b9a5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6036
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753

168.119.149.7

200 OK

10 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (559)
Size
10 kB (10291 bytes)
Hash
754793315e74d7c835ad014ad8f78b62
82f8f855fa8fc6c76b15a0a9827d98319af7501c
f9f9c14b9c60491431c9845511ad1a463a1c39e33f9ef1266084e1665a15d30e

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "9d1e-62f9e05f-e2ce427f93823c01;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10291
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753

168.119.149.7

200 OK

590 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (543)
Size
590 B (590 bytes)
Hash
bbb31e1b289f0293c007bd6c1bfbd109
10dcd645bce9b6090745b3761b5209ff34561c8a
30f888a66f255d66699485479476ad5c59185e1e485ce8c10de1b397991c010d

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "5c7-62f9e05f-a189b2cc7d1725e5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 590
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753

168.119.149.7

200 OK

636 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (528)
Size
636 B (636 bytes)
Hash
4a5e86d864f06fb49b5f96e9c3e4922a
d18725c12b5e52625e630d3629e012ecdac4d5a0
4f27afbd1a1a00a0eb78779ef5b1d70cdf00163a04cf7ffd1532368fe4cf4c25

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "680-62f9e05f-a1c0578a944a2ca2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 636
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753

168.119.149.7

200 OK

71 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text
Size
71 B (71 bytes)
Hash
2e69ad2b1a30e8f89971cb6912f079cf
fe425f207b5ca32effaf1827173b16715a32e6a5
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "47-62f9e05f-9c111a5912216204;;;"
accept-ranges: bytes
content-length: 71
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753

168.119.149.7

200 OK

1.7 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (542)
Size
1.7 kB (1704 bytes)
Hash
3f346b8fd1ee5dd2c99ca4ed88998f20
f76d6f510a0f3abe0947b4270a2a6e18bacded5a
c18fd1d47a6331d436d9906884950734545e09f20f2839ef6ecc69606bc4a671

HTTP Headers

GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "13c9-62f9e05f-b8f18030677da84e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1704
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1

168.119.149.7

200 OK

6.9 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (25115)
Size
6.9 kB (6935 bytes)
Hash
e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "6272-607da986-d26f2c7c22fdd2a5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6935
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2

168.119.149.7

200 OK

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (2946)
Size
1.2 kB (1228 bytes)
Hash
7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:49:23 GMT
etag: "ba5-63076fd3-60897453a130f916;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1228
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4

168.119.149.7

200 OK

10 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (32889)
Size
10 kB (10420 bytes)
Hash
1eddddd51b158817a86a3e7620f6abd1
590d7ed0319e6741695ddc7437839025aca96fc8
41ccbee929188c2d9549655cc19dd14842d2dff45cb7238914587ab0a10704a1

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:25 GMT
etag: "80a1-6310e03d-3cf6e126dad9586b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10420
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4

168.119.149.7

200 OK

12 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (43101)
Size
12 kB (12549 bytes)
Hash
bbfe647d2a65bb04f5c0a61b0ce4a217
8dc4ce842906bccd7c05fcaeb683dd133797644f
29d9b2d2f2b400a474d421f19797c9c1cbd9138a481b711c97e4b35072a76340

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:26 GMT
etag: "a884-6310e03e-dbd8a7ed8c127e80;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12549
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

168.119.149.7

200 OK

6.6 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.6 kB (6637 bytes)
Hash
139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:14:47 GMT
etag: "50eb-630775c7-5138c6b9b2268a9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6

168.119.149.7

200 OK

34 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65280)
Size
34 kB (34004 bytes)
Hash
83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:37 GMT
etag: "21f91-6310e049-2f1975e83b05c387;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 34004
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2

168.119.149.7

200 OK

1.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (7043), with no line terminators
Size
1.1 kB (1058 bytes)
Hash
398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:00 GMT
etag: "1b83-6307b288-ad970d18687355ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1058
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ps.rovedar.com/wp-content/uploads/2022/01/bg1-menu.jpg

168.119.149.7

200 OK

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2022/01/bg1-menu.jpg
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 57x82, components 3\012- data
Size
1.2 kB (1196 bytes)
Hash
0427f0787b1226e135e085374c060023
03cb26384488bdf79c0e603996809bb369140ba0
ed40c864382455bc60a92a4c48a717a8563b6c19d9b85ecbf5df4f35f69b3759

HTTP Headers

GET /wp-content/uploads/2022/01/bg1-menu.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 21:28:47 GMT
etag: "4ac-6211610f-19e601757b0565c5;;;"
accept-ranges: bytes
content-length: 1196
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2022/02/bgfoot.jpg

168.119.149.7

200 OK

109 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2022/02/bgfoot.jpg
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1328, components 3\012- data
Size
109 kB (109248 bytes)
Hash
12dcb8d662aa8b314b2c65fbf6801359
832296167f1018098b5c982a0301b07c135009e2
bde0317cbaa43b9796d9c4107926fcfcfced093550a466336a36e1d8b02eb86b

HTTP Headers

GET /wp-content/uploads/2022/02/bgfoot.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sun, 06 Feb 2022 18:33:20 GMT
etag: "1aac0-62001470-59efcaf8a6dfffae;;;"
accept-ranges: bytes
content-length: 109248
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png

168.119.149.7

200 OK

6.5 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 1043 x 747, 8-bit colormap, non-interlaced\012- data
Size
6.5 kB (6505 bytes)
Hash
cdcd2cd14ee817815e5de728f4b77fd5
e34811cf454660d37539ccd1bbc9cf63188d8412
992d9d8fcb704799f03a3a3537f7980f345827e2a3c9d2adf5374ae0d2312628

HTTP Headers

GET /wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:48 GMT
etag: "1969-61ee50bc-be0adf4b87916a3b;;;"
accept-ranges: bytes
content-length: 6505
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.240.207.158

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.207.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1yizT13pCwtswuyk6sB/WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oac2lP8VnPbbxdNWr7Zkwookot8=

ps.rovedar.com/wp-content/uploads/2019/11/shape2-home1-e1583413932772.png

168.119.149.7

200 OK

5.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2019/11/shape2-home1-e1583413932772.png
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 215 x 339, 8-bit colormap, non-interlaced\012- data
Size
5.2 kB (5219 bytes)
Hash
d980142cf5cf7b5cad65e72554df592f
c6902b365eb029b6d447e37c94a891e04a6550d0
67f9e47cb1a2fd694c59e7104f594fa0e9c0d6c72239a5225dc14e01db35942d

HTTP Headers

GET /wp-content/uploads/2019/11/shape2-home1-e1583413932772.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:48 GMT
etag: "1463-61ee50bc-dc540a47008ed510;;;"
accept-ranges: bytes
content-length: 5219
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2019/11/shape3-home1-e1583413921828.png

168.119.149.7

200 OK

8.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2019/11/shape3-home1-e1583413921828.png
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 237 x 311, 8-bit/color RGBA, non-interlaced\012- data
Size
8.1 kB (8143 bytes)
Hash
f6d5fbe60517d168f783d1722b2aa05f
8726f0ff5ea11c6acb241b189fd77e72822ff39c
e15dabaa5e71e3fee823b0adfc19a3a6cda366e3f5571056e54d4969ef1d6065

HTTP Headers

GET /wp-content/uploads/2019/11/shape3-home1-e1583413921828.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:49 GMT
etag: "1fcf-61ee50bd-7b5d754615630fa8;;;"
accept-ranges: bytes
content-length: 8143
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2019/11/bg-chart3-1.png

168.119.149.7

200 OK

3.1 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2019/11/bg-chart3-1.png
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
PNG image data, 340 x 87, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3104 bytes)
Hash
f4866bea18cea2ac3c23431b26824d83
96a0fd2062b7933ff970160fc98d6e2c98ad95a0
8398fd9d215276cce8270b4b92cf3a86a4eb4377945c1da350e699007905208d

HTTP Headers

GET /wp-content/uploads/2019/11/bg-chart3-1.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:49 GMT
etag: "c20-61ee50bd-22bcea84a5b63731;;;"
accept-ranges: bytes
content-length: 3104
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

168.119.149.7

200 OK

25 kB

URL HTTP/2
ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
25 kB (25337 bytes)
Hash
abc62edba458916b4cbea19616926ac3
03391fa9ae07b31633c0738e848bf3f2d789d3c2
eef8f7e6a1fb267745b57a5bbe99baae80520858971b7d199501f196a5fd466c

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:17:07 GMT
etag: "48b9-63077653-7817c4e809587dda;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2022/02/BG-Post-Sub.png

168.119.149.7

403 Forbidden

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2022/02/BG-Post-Sub.png
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1229 bytes)
Hash
836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7

HTTP Headers

GET /wp-content/uploads/2022/02/BG-Post-Sub.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/2020/08/bgfoot.jpg

168.119.149.7

200 OK

109 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/2020/08/bgfoot.jpg
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1328, components 3\012- data
Size
109 kB (109248 bytes)
Hash
12dcb8d662aa8b314b2c65fbf6801359
832296167f1018098b5c982a0301b07c135009e2
bde0317cbaa43b9796d9c4107926fcfcfced093550a466336a36e1d8b02eb86b

HTTP Headers

GET /wp-content/uploads/2020/08/bgfoot.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sun, 06 Feb 2022 16:33:33 GMT
etag: "1aac0-61fff85d-7893f6b966d177b2;;;"
accept-ranges: bytes
content-length: 109248
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4

168.119.149.7

200 OK

75 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
data
Size
75 kB (75440 bytes)
Hash
b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

HTTP Headers

GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:18 GMT
etag: "28722-6310e036-8ff3cd137d011160;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18716
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 02:02:22 GMT
expires: Sun, 27 Aug 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 542311
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

142.250.74.163

200 OK

17 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Size
17 kB (16740 bytes)
Hash
e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

HTTP Headers

GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:39 GMT
expires: Tue, 29 Aug 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 308834
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

142.250.74.163

200 OK

21 kB

URL HTTP/2
fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20636, version 1.0\012- data
Size
21 kB (20636 bytes)
Hash
ba24c7ff5ccbf9671acfdf235b22cfa5
62d7d22c5b0e55a3bdd80eb635238249f61ed12a
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa

HTTP Headers

GET /s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:46:38 GMT
expires: Thu, 31 Aug 2023 19:46:38 GMT
cache-control: public, max-age=31536000
age: 132855
last-modified: Wed, 27 Apr 2022 15:30:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

142.250.74.163

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 57635
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2

168.119.149.7

301 Moved Permanently

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
content-length: 0
date: Fri, 02 Sep 2022 08:40:54 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10435 bytes)
Hash
955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 39808
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9252 bytes)
Hash
5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 35556
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6196 bytes)
Hash
5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 38799
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans&display=swap

216.58.211.10

200 OK

17 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans&display=swap
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type
data
Size
17 kB (17433 bytes)
Hash
fce91c98decb3cac22fb357b06567a76
2b2dae8d3aced2dd3da314de6f0f34db42427b7d
de3b5418443a5f0b3bef855d2f180251b51aa5e7bfe6f3e826bc7609d4ec0d41

HTTP Headers

GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 08:40:52 GMT
date: Fri, 02 Sep 2022 08:40:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12204 bytes)
Hash
e10519422b7ff91c72bcf2234cea36cf
63cff2232383d9d7f2371d1f60cf7923b629fc82
71a4bfc0031e0f6152c441f4bf413c6e953f38a587a95900f3a6c63beecafb4b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12204
x-amzn-requestid: 5293c66e-68d3-472a-a6d2-69f161262f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMLDGK6oAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112713-66d01d9c2d12d55c465c5108;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cH0sSIFu5fSPywh8xnc0AHgD053jRBz3QLBSCk0IkcQwez-1M9hCJQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:18 GMT
age: 38796
etag: "63cff2232383d9d7f2371d1f60cf7923b629fc82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10015 bytes)
Hash
25983224daee47c629690b65e7db685b
6f144e4e28ba6dfb56860b187a224cfbc23b50bb
2ada67937844f22cf524d39cf034ae5e49dd892c4b2e70af31cec62c747e3762

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10015
x-amzn-requestid: 28b44607-90c3-42b0-9a47-5ffd4f670347
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLlfGBqIAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-38788fd737d1b6a35acc1fee;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ewn6Zur0bM9apclbO-0bIZV6NbnBIGAxuUtPQZBq-2f-SERyxA_w3Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:51 GMT
etag: "6f144e4e28ba6dfb56860b187a224cfbc23b50bb"
content-type: image/jpeg
age: 39783
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85

168.119.149.7

403 Forbidden

1.2 kB

URL HTTP/2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1229 bytes)
Hash
836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:55 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2

168.119.149.7

301 Moved Permanently

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.min.js?ver=6.0.2
content-length: 0
date: Fri, 02 Sep 2022 08:40:56 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js

168.119.149.7

404 Not Found

17 kB

URL HTTP/2
ps.rovedar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size
17 kB (16660 bytes)
Hash
72d00bff7ec73ef7f4f94ad9df8f2860
795bfd62ffd3a4140e0c82b0c5a1b1e401422413
a6e45b2e3dca7a091be182dae786d83cb228e8f00dd899436e6d671725b82f68

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607

168.119.149.7

404 Not Found

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2

168.119.149.7

404 Not Found

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ps.rovedar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:41:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/

168.119.149.7

200 OK

0 B

URL HTTP/2
ps.rovedar.com/
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.27
last-modified: Fri, 02 Sep 2022 07:55:45 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

rovedar.com/ps1/wp-content/uploads/2022/02/bgfoot.jpg

116.202.195.240

404 Not Found

0 B

URL HTTP/2
rovedar.com/ps1/wp-content/uploads/2022/02/bgfoot.jpg
IP
116.202.195.240:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ps1/wp-content/uploads/2022/02/bgfoot.jpg HTTP/1.1
Host: rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 02 Sep 2022 08:40:53 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2

216.58.211.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP
216.58.211.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 08:40:53 GMT
date: Fri, 02 Sep 2022 08:40:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2

168.119.149.7

404 Not Found

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ps.rovedar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85

168.119.149.7

404 Not Found

0 B

URL HTTP/2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85
IP
168.119.149.7:0
ASN
#24940 Hetzner Online GmbH

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:58 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (38)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations