ps.rovedar.com/
168.119.149.7 301 Moved Permanently 707 B IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 02 Sep 2022 08:40:51 GMT
server: LiteSpeed
location: https://ps.rovedar.com/
vary: User-Agent
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9407
Expires: Fri, 02 Sep 2022 11:17:38 GMT
Date: Fri, 02 Sep 2022 08:40:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 07:41:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kO5cSKNkAaIf3VA4DgeD-o9tL9HPRigaoekmhH66Hlv9d5HdRNdSzg==
Age: 3549
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oM7-tdv9cfGTB2NWkymjRU4YeM37ffAmU7svPpXcEG4dxswQoRkLIA==
age: 26735
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 08:40:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash 7acd74974d3bca3271899552103744e1
2ee187b88b603c8f212fc28135d249bb9961b69e
7f2b83a6a0424a1686b3a65feebc66943a4380af818af2ead44037ed920ba8e3
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: MISS
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Fri, 02 Sep 2022 08:40:52 GMT
Connection: keep-alive
X-N: S
ps.rovedar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
168.119.149.7 200 OK 11 kB URL HTTP/2 ps.rovedar.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (43771)
Hash d45207ee05c1f0c57dfa075e61405ccd
a8d35143a2d828a739ea0fdde75f97d33621e7ec
a9a4adbbcee31ec277f1bdd573eef97dc4341f29f2db3b5685a02dfe4d2fe9bb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 22:21:30 GMT
etag: "15b64-62cdf3ea-54e3dd413a01acdf;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10946
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
168.119.149.7 200 OK 1.1 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4933), with no line terminators
Hash 8f2da34c6f082c7bec00f9cca661fd59
d0de5b6b29a9788a64826b833465a9d08f7c2ab7
d461fea6636b26aab698f636b2518709cb79416c7d3916d6b03497c4d75befdd
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:24 GMT
etag: "1345-6307b2a0-25c93014ef64711a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1109
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
168.119.149.7 200 OK 21 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 844842439ba060ee255a40ec00e69ff5
a37c3b78aeea3c7d58a6e59bfa99ff3d81ec5b8c
169af0ea951379b0d2a47976e8e76c6684fb2c92146e23c31e57079b9cacdba2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:23 GMT
etag: "333cb-6307b29f-ff093e48fdbcb834;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 20786
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
168.119.149.7 200 OK 848 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "aab-6310e00e-db1076ad16a75f48;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2
168.119.149.7 200 OK 12 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 0fba55d96f1648182326c68925f66925
fa8487bbe2d2420165c8e62f3fbfb5b200ce2328
bc8f0c7c5bf53b26afa88bbc7bd70ec0a53f9fa5597b55d156bcce560ce2e899
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu//inc/font-awesome/all.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:33 GMT
etag: "122c2-62686d25-8cf10e370298be88;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12264
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2
168.119.149.7 200 OK 4.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (26440), with CRLF line terminators
Hash 55c03b3085a914443ec03aa6af329cab
3edef0d06fcdef95c24acd0663aee37bf9dfa840
9fcf789a291f096becb1efb1e75e5146f4bd9b3278764ea3437652b804b775b5
GET /wp-content/plugins/mobile_footer_menu//inc/font-awesome/v4-shims.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:31 GMT
etag: "6805-62686d23-e052aec3c5d567cd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3953
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2
168.119.149.7 200 OK 4.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (41682)
Hash 264b5cf393a3934d95a58d1acaa6d8a4
572cbf94d0205050213663032e3472a9f87aaec4
64c64cd8f9dc4aa4cd87b1a2c743906b8b8d4b7275128dea9e23d8b540f46b27
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu//inc/assets/css/custom.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Tue, 26 Apr 2022 22:07:33 GMT
etag: "aabd-62686d25-e5d44a5d9468359d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4039
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2
168.119.149.7 200 OK 31 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65367), with CRLF line terminators
Hash f8a772e0e44feafe423a71cb5b327309
b0424e28b43e3acb656819fd34da2a7d463a9667
29eff15ec2b8f67aebc9a6b580e0d4d4b4b6fa0e48121d3216f55b4fa1cd9bec
GET /wp-content/plugins/nirweb-support/assets/css/all.min.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 19 Jun 2022 09:40:54 GMT
etag: "294f1-62aeef26-ed3c53dbf1e5de6c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 31219
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2
168.119.149.7 200 OK 4.3 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash 1beafd6195acbf777ded6b074d031e81
60857bc249f60b5de59f05641785a1210b6592f6
e963a9423f29a05c69af18264b3e3c0c3502f1e4e97562afeed5bc6134ee857d
GET /wp-content/plugins/nirweb-support/assets/css/user.css?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 19 Jun 2022 09:40:53 GMT
etag: "5c7b-62aeef25-57050d1b4f1f08b7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4272
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
168.119.149.7 200 OK 2.3 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (17809), with no line terminators
Hash 09d93f4de720fc11a2944fea38fcafcd
e46cf6a8d3373c7fa5feba0b30cd9b9983f719b2
cf900721be13309b96cf6c6f56b1c0a40194e8aea1b0a0361739219c9c0f9998
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "4591-6307b28a-fd12e13b74f7527e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2329
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
168.119.149.7 200 OK 8.4 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 60aea8fe062ea93aa6dfa342ea23b7fd
bf9a4843acf8f1f116ef2cae7fb40a9a2f37253a
7db430ef3124de87a8a33cf0ffe134a86bff67de803eea16f4b3ed4d2d569d4f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:00 GMT
etag: "f523-6307b288-c340e5bea1105640;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 8432
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2
168.119.149.7 200 OK 3.7 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 2f2f1b7717c9a3018da674a8bc0a2804
95c93d135332439e835b825f0de70edb8dc4fe66
ae54926b859f44d15e5a3dc5fe205523cbb59c208c7e6c07e60198b6a48bb9b5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/css/style.basic.css?ver=4.10.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 05:57:49 GMT
etag: "5d91-62f9e05d-7da352c38a9890cb;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3744
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2
168.119.149.7 200 OK 1.1 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6387), with no line terminators
Hash 414e2c36ee2d70ba4f238bb9a49930af
1d5ff1f10c0fa59dd18a42b075c3d6acf371d7d1
e59ad248e2be0bfac533e6122152e72349dab7ef9e1837793723216c0226446f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/css/style-curvy-blue.css?ver=4.10.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 15 Aug 2022 05:57:49 GMT
etag: "18f3-62f9e05d-d77dfcc674928856;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1052
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
168.119.149.7 200 OK 3.6 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (19233)
Hash af3bdf44d09914e8adb51fec560d8816
84bb225e096bab405868dd504e62133ba75cf1c1
4325dab21d3eb9efb8e285a0926be743f27e46446ccf5f9be65bb4b60c024152
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:38 GMT
etag: "4b4f-6310e04a-180086f68045a2ad;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3629
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
168.119.149.7 200 OK 741 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (13766)
Hash 5c4b4ae69c514982d8e32ee57f3d5184
e4a867626d7329783b023dad2b5ec82a3f56953e
78b1902aae7d2ce3b60c5def9854aa45762744c7dc99ede1f26c48da8a173175
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:19 GMT
etag: "35ed-6310e037-23a1603e49fdda4f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 741
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/post-4296.css?ver=1662050606
168.119.149.7 200 OK 365 B URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/post-4296.css?ver=1662050606
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1331), with no line terminators
Hash be0ea536308ad6872228a28b1178b449
04d1ea6fda4eb49aa8ee0a2a34d459aac92041b9
2f82bae1b36d69b3314d0d7b52fb5e757d1211dcb0401316b1249f42a43d678f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-4296.css?ver=1662050606 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:26 GMT
etag: "533-6310e12e-5471590c9b99f6d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 365
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10
168.119.149.7 200 OK 22 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65492)
Hash cf17765339c358f662f0b485e05b3d8b
f93370f6df67fceba23de2857f5cf37cb7369cf6
0708320b9ca5aebdff083bbc76f5742a64e3b3299a2c61337afeff80b9e6e8b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "33812-607da986-56765f478a2d99ff;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21617
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/global.css?ver=1662050607
168.119.149.7 200 OK 3.4 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/global.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (20817), with CRLF, LF line terminators
Hash 85df4fecf75791e15b5d8acb5ee09cca
ab5229a4f6a0c5a489d372c65cd4978e7261aecb
13f0a01fbdbf92fb8bf3fa8d8cc1925c1fd71cdb409074ff741f6466725c2550
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "dc24-6310e12f-7532b155c7cc7edd;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3373
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
168.119.149.7 200 OK 2.5 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (19116), with no line terminators
Hash 948e84b8f5d067b58e3f9e01ee3d0df9
4f4f2bfe3d895d111f578a998f3b9c74b6356155
d009426476a3d776228b56bce11c1532a9cabd6ab1fe485e3ab933cf928827c3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-5253.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "4aae-6310e12f-894db53ab877335c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2506
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12
168.119.149.7 200 OK 768 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3921)
Hash 8a61a7fcc559ba63e12e78a2cf3ad768
be5bb9051e0a8907ba3ce65bb1b9466d6487de67
8e16ea2ef67934229c001d14860d3dfef45f9bfb4f23bf561df450597b824f38
GET /wp-content/plugins/fluentform/public/css/fluent-forms-elementor-widget.css?ver=4.3.12 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:40:31 GMT
etag: "f52-6310e07f-46339d80e525e81c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 768
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
168.119.149.7 200 OK 1.3 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7040)
Hash aaff20b9b23bdf8be25b08fe532cd992
28303abd9cc4cea4ad3fced587068b7034ee8eb3
45d0b2d4821e776331a71c136fa39d134b7b9dc9048f75118d8723438e10dc57
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-5254.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "25a5-6310e12f-b4cefb098b1a92e3;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1287
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607
168.119.149.7 200 OK 1.1 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (13028), with no line terminators
Hash c870046dc6a588fd453fdd08344b5896
9ef2eaa183b0b16a3394def3c0d989fd0d279802
0b77038a2241e52b26884a0a60d9e35f7437bff28c831e280d4925088dc6445f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6442.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "32e4-6310e12f-5ad11013f63027b2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1127
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/elementor/css/post-6507.css?ver=1662050607
168.119.149.7 200 OK 367 B URL HTTP/2 ps.rovedar.com/wp-content/uploads/elementor/css/post-6507.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3217), with no line terminators
Hash b528caafa008b516f0f9f90375cbcd35
d4c9b89d0b1534093d4fbd97f50096f844769141
4bdfb38548d1d3234e18f3f50e2106367285cdb4b5486081893eea785feef2fa
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-6507.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:43:27 GMT
etag: "c91-6310e12f-30150d31953198ad;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 367
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
168.119.149.7 200 OK 286 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:33 GMT
etag: "29d-6310e045-764fe7f277b8754f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 286
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1
168.119.149.7 200 OK 30 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65447)
Hash 1f61f1e3c65ebf3864b053f2a777e001
d05eb3e253a1debcef62940a75b267102a906679
47d06924181247732d1d63ec1309057e0a82caa350b870153781421cc656be5a
GET /wp-content/plugins/jquery-updater/js/jquery-3.6.1.min.js?ver=3.6.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 14:29:02 GMT
etag: "15e40-630b7bae-c79d2860ae5ae9d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30317
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0
168.119.149.7 200 OK 4.6 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (13326)
Hash 568016071783b5bf3c5258bf25f7b8a8
8906e1f88561cace5403446edbb94d6ac6b84928
a31775416df1c287f423ade3554bf255281a718a3fe4193aff196a46532ccb09
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/jquery-updater/js/jquery-migrate-3.4.0.min.js?ver=3.4.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 14:29:02 GMT
etag: "3470-630b7bae-c9b5c98ac5571a16;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4603
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2
168.119.149.7 200 OK 2.4 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (1109), with CRLF line terminators
Hash 6f802dd176132debae1fd10c6ba1f9ba
237b16d69032778d84d4b852753a9bb6ebed6481
04c2e0df57aa9f6719362334138b0738017d6244d5209aca784d6dd0c35e4973
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/nirweb-support/assets/js/user.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:19:08 GMT
etag: "1fe4-630776cc-99248093d0708ca2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2357
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css
168.119.149.7 200 OK 1.5 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (26053), with no line terminators
Hash 5639e4329fc2bd97ef94f1260781166a
554d440071df8ed105686daa38d6417f098e1ffc
355f6c40fcb2d2e7d9dd9c63d0dd980c4344d7f4b45cf6f078df23be853ef0a9
GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 06 Feb 2022 21:12:45 GMT
etag: "65c5-620039cd-55d5ee19f82553a1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1539
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css
168.119.149.7 200 OK 516 B URL HTTP/2 ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash c02ff8d97199592481d1a4eb51592e7e
2d0be7b3ad891f2a5ec0d85a19c340b79e5ca726
a0bf9b92233ba5cecbb19c6e3a15a5cf16b1401a455bfc2a41af2235d526ac8f
GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/uc_scroll_reveal_text.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sun, 06 Feb 2022 21:12:45 GMT
etag: "e72-620039cd-80ba8d41549e55c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 516
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
168.119.149.7 200 OK 12 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (55566)
Hash 4f55b569c93d063120210a6859cab84a
8c1065b740ae27bb5d9e71a308433b2547f68b9b
b3a66914862beaeab2e9c1a6c65066ea6ed7bcc6162c4c640ee45d5078717df4
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-all.min.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:50 GMT
etag: "d9c7-61fa13fe-78f0b782053c691;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 11711
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
168.119.149.7 200 OK 4.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (26440)
Hash a2e2887e666bfc0b5029000ea6baa077
b081b105977789d47a9195f3d5b7b1f8c6417746
f43840e5ec035343b73d070304d320677d7f92e278ede50e36878c1617d881bb
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/font-awesome5/css/fontawesome-v4-shims.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:50 GMT
etag: "6801-61fa13fe-ca8e992c3ed6b194;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3950
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css
168.119.149.7 200 OK 1.2 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash df4c73e3f7df1ce66271a0009be8746b
f52ce409d36a2520a7216b5298f555d0a2c4df0b
9916d83442986660168a8faefd30de79af048d14651ec1715ceb6bbdf5470096
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/assets/owl.carousel.css HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 05:17:54 GMT
etag: "1288-61fa1402-959bdce7841b176b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1240
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
168.119.149.7 200 OK 2.4 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "4824-6310e048-cf46cd4d91c8e1b7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2442
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
168.119.149.7 200 OK 2.8 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9680), with no line terminators
Hash 8a91034fce0e4a2464d2170d38d31382
f00c20cfcbd136ee9aa20d07085c10f470548fe4
1a8f0bcd2b76caf977b08ed30bdd29eb77405ca4c1fe2315b41f8fe2542f1528
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "25d0-6310e00e-2f7c054ccb5c20fe;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2799
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
168.119.149.7 200 OK 3.7 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (12211), with no line terminators
Hash b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:38:38 GMT
etag: "2fb3-6310e00e-d97877251baabdde;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3689
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
168.119.149.7 200 OK 3.2 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (9115)
Hash 66c388e07cfb57895688b3347ab7290b
f23bd7a31995b3b19924575f2afa297a29257856
3971f3ab5179d1f4f91d2c102f27c2bf1dac2c04e2f62ff3eae3ebfa8c28494e
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "2525-6307b28a-cab1e2b1bbed3ca0;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3245
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
168.119.149.7 200 OK 899 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:03 GMT
etag: "72a-6307b28b-148617a1a8ff6097;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 899
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
168.119.149.7 403 Forbidden 1.2 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
168.119.149.7 200 OK 12 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:33 GMT
etag: "e238-6310e045-db14f73ffa66797d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12133
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607
168.119.149.7 200 OK 143 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type assembler source, ASCII text, with very long lines (33237)
Size 143 kB (142727 bytes)
Hash 0868b9c3a4e17ebe3e497f6b35a8bd1f
62f2e94ca3b8302b5d56b99fa5c1d1418ead5fbb
5319a5b8f2f4fbcf965f59801ccd3b9695040197366fd967e0a69abab0ec0287
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/theplus_elementor_addon/assets/css/main/general/theplus.min.css?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Sat, 26 Feb 2022 19:13:22 GMT
etag: "121c37-621a7bd2-b0e5721e7450b403;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 142727
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 08:38:16 GMT
Expires: Fri, 02 Sep 2022 09:15:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GPsUy0Rdw44lPA8XxCBHDJikPE98QvWXazbDqa9USBRql4PWcLjYrg==
Age: 156
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2eb022bbcb69557dc09477b624814e87
6030f2c630a01fbc027c887d31e696f84cc60c97
d7a508e276f0ca1b58b6af39720fb7ebb26fb38df50a159eb82d1d2542610b85
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4928
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:52 GMT
Last-Modified: Fri, 02 Sep 2022 07:18:44 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
168.119.149.7 200 OK 1.7 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (5477)
Hash fa921f07ecc438baf227765de450e215
1fdd49d8bb681cb118ea8d67d4fc61b0ad46cc95
b2cc68637048b04952a2f33163f64571145dbe0817a14c68fe6f1661bd81091f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:57:57 GMT
etag: "15fd-630771d5-340681e6cb2e9a5d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1733
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
168.119.149.7 200 OK 2.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (4918)
Hash 5bdb04863f888d472d03a3205f7f7a8b
3758dcce12cf8c4f294cc9951aa6f38e6b15a282
ca27a8bc03b726be34834cf353304800de7ce76097903c592416e3be851acf74
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:30 GMT
etag: "135d-6310e042-8c45ff3f27b16f38;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2044
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10
168.119.149.7 200 OK 1.8 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6595), with no line terminators
Hash bc7ad49bba8c6fece75cf20e318bde6d
329866570ac3995fb33f1f6b55e6ea3d3c85d25b
479c4099528678e6689805bc618a02c300d62a0f5b41800672c57fb1a458a50e
GET /wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "19c3-607da986-d2ae81a031127375;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1767
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10
168.119.149.7 200 OK 46 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (47738), with LF, NEL line terminators
Hash 3794b437ae8b5f19e685c54f76491c93
e9aa7637ef02ed02ed3e089557836e6c6d0d73cf
21e0599531b97296b70ec9977a7037f5587f967c7e72770bf89d5c68cffa6bc5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.0.10 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "2e01c-607da986-4b339b86e007b526;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45635
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
168.119.149.7 200 OK 2.9 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "2fa6-6310e048-d460d1d741a4615;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2867
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4
168.119.149.7 200 OK 1.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2620), with no line terminators
Hash 906c4decdcd32482c1cf583b07925d30
30e726b9febb4b651544266df656a21251f0e8e3
53f86e9641d0e35772d6b54294cc6dd685fb9a376a1baad151da120fef609423
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:30 GMT
etag: "a3c-6310e042-16f99d7ab13a1f0d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1047
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
168.119.149.7 200 OK 3.3 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10544)
Hash 3821415a39954c48c7927e661467c6b8
dfe1116a0efc9898cb6caf094213880da83d6990
5f7f5b28f47c366a0bb70435dc3b2253278222c92429f013084f71fd7d29a32e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:36 GMT
etag: "29ba-6310e048-f05752e734c28fff;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3268
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
168.119.149.7 200 OK 677 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "85b-6307b28a-fb6177f958bcd065;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 677
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
168.119.149.7 200 OK 934 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2938), with no line terminators
Hash cf25dd071a208312bdc07f34d2cee027
76119563119eaae392ecc8903c989d98d0b93002
8635ba2cad8f887e72779bd526f8738ff6343c74cba715caf2eddea383ba7ce6
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 17:34:02 GMT
etag: "b7a-6307b28a-79d052977091384a;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 934
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
168.119.149.7 200 OK 1.0 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (3233)
Hash 9e26fdd5e87f346b6419a2f81e6b3fcb
ae55a3391e61ef838c8b352738e27417f4a88ad3
889b8ea6140d0999ba175bd4d8e13966def1de6a67e7ae4ba9c0b8ce2d4ccf85
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:02:33 GMT
etag: "d53-630772e9-30b6e25e37deb1df;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1000
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
168.119.149.7 200 OK 3.0 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (10572)
Hash 4d91b181c899d08e40a921209ff01a35
a1fab39994e7a3a0bd3669e4d90867bdcb4c92fe
f03654a085cb9f742b777444c1a0d98925dbc1cae16f9d9c634eaadad6633dde
GET /wp-includes/js/jquery/ui/slider.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:51:56 GMT
etag: "29ff-6307706c-71f3ae95f343e4e8;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3000
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753
168.119.149.7 200 OK 6.0 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (580)
Hash be48b21b5201b47ae4287b7e9c42d0e0
24153843137521a3c31b6f93d684d6111f9bf711
8f2f68c21e2f0ba92ab7162ccfa75aadf50d105885f3b2a1575e5a964e2cb34a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-prereq.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "4dc9-62f9e05f-b58cd8cdb9e8b9a5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6036
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753
168.119.149.7 200 OK 10 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (559)
Hash 754793315e74d7c835ad014ad8f78b62
82f8f855fa8fc6c76b15a0a9827d98319af7501c
f9f9c14b9c60491431c9845511ad1a463a1c39e33f9ef1266084e1665a15d30e
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-core.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "9d1e-62f9e05f-e2ce427f93823c01;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10291
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753
168.119.149.7 200 OK 590 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (543)
Hash bbb31e1b289f0293c007bd6c1bfbd109
10dcd645bce9b6090745b3761b5209ff34561c8a
30f888a66f255d66699485479476ad5c59185e1e485ce8c10de1b397991c010d
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-results-vertical.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "5c7-62f9e05f-a189b2cc7d1725e5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 590
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753
168.119.149.7 200 OK 636 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (528)
Hash 4a5e86d864f06fb49b5f96e9c3e4922a
d18725c12b5e52625e630d3629e012ecdac4d5a0
4f27afbd1a1a00a0eb78779ef5b1d70cdf00163a04cf7ffd1532368fe4cf4c25
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-autocomplete.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "680-62f9e05f-a1c0578a944a2ca2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 636
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753
168.119.149.7 200 OK 71 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash 2e69ad2b1a30e8f89971cb6912f079cf
fe425f207b5ca32effaf1827173b16715a32e6a5
1771aad88d0164b8f869d097851c94cc83d1a837f12fe8de39d0f309fe45f33c
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-load.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "47-62f9e05f-9c111a5912216204;;;"
accept-ranges: bytes
content-length: 71
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753
168.119.149.7 200 OK 1.7 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (542)
Hash 3f346b8fd1ee5dd2c99ca4ed88998f20
f76d6f510a0f3abe0947b4270a2a6e18bacded5a
c18fd1d47a6331d436d9906884950734545e09f20f2839ef6ecc69606bc4a671
GET /wp-content/plugins/ajax-search-lite/js/min/plugin/optimized/asl-wrapper.js?ver=4753 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 15 Aug 2022 05:57:51 GMT
etag: "13c9-62f9e05f-b8f18030677da84e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1704
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
168.119.149.7 200 OK 6.9 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (25115)
Hash e8d8c6e4997a420abc51e5fa8c1caa8b
39ae930f057de725cff8549eed82f31f8d0816c1
730b8265b47a7f9bf014b64fb5c27f9f1cff1051dbf53e60ceb3cc16def732cc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/lib/smartmenus/jquery.smartmenus.min.js?ver=1.0.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Mon, 19 Apr 2021 16:02:14 GMT
etag: "6272-607da986-d26f2c7c22fdd2a5;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6935
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
168.119.149.7 200 OK 1.2 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/comment-reply.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2946)
Hash 7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f
GET /wp-includes/js/comment-reply.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 12:49:23 GMT
etag: "ba5-63076fd3-60897453a130f916;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1228
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
168.119.149.7 200 OK 10 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 1eddddd51b158817a86a3e7620f6abd1
590d7ed0319e6741695ddc7437839025aca96fc8
41ccbee929188c2d9549655cc19dd14842d2dff45cb7238914587ab0a10704a1
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:25 GMT
etag: "80a1-6310e03d-3cf6e126dad9586b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10420
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4
168.119.149.7 200 OK 12 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (43101)
Hash bbfe647d2a65bb04f5c0a61b0ce4a217
8dc4ce842906bccd7c05fcaeb683dd133797644f
29d9b2d2f2b400a474d421f19797c9c1cbd9138a481b711c97e4b35072a76340
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:26 GMT
etag: "a884-6310e03e-dbd8a7ed8c127e80;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 12549
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
168.119.149.7 200 OK 6.6 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:14:47 GMT
etag: "50eb-630775c7-5138c6b9b2268a9;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 6637
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
168.119.149.7 200 OK 34 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 01 Sep 2022 16:39:37 GMT
etag: "21f91-6310e049-2f1975e83b05c387;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 34004
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2
168.119.149.7 200 OK 1.1 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (7043), with no line terminators
Hash 398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 17:34:00 GMT
etag: "1b83-6307b288-ad970d18687355ab;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1058
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6c2e5114156ac45cec856f3ea7f45872
011859d6358ad9298b557c1a4b33b80a7a5411ab
3a17c68f9f6cb51ef5c39157a5cae6526f7efae019cc9ae96706da80aea667da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ps.rovedar.com/wp-content/uploads/2022/01/bg1-menu.jpg
168.119.149.7 200 OK 1.2 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2022/01/bg1-menu.jpg
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 57x82, components 3\012- data
Hash 0427f0787b1226e135e085374c060023
03cb26384488bdf79c0e603996809bb369140ba0
ed40c864382455bc60a92a4c48a717a8563b6c19d9b85ecbf5df4f35f69b3759
GET /wp-content/uploads/2022/01/bg1-menu.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sat, 19 Feb 2022 21:28:47 GMT
etag: "4ac-6211610f-19e601757b0565c5;;;"
accept-ranges: bytes
content-length: 1196
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2022/02/bgfoot.jpg
168.119.149.7 200 OK 109 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2022/02/bgfoot.jpg
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1328, components 3\012- data
Size 109 kB (109248 bytes)
Hash 12dcb8d662aa8b314b2c65fbf6801359
832296167f1018098b5c982a0301b07c135009e2
bde0317cbaa43b9796d9c4107926fcfcfced093550a466336a36e1d8b02eb86b
GET /wp-content/uploads/2022/02/bgfoot.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5254.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sun, 06 Feb 2022 18:33:20 GMT
etag: "1aac0-62001470-59efcaf8a6dfffae;;;"
accept-ranges: bytes
content-length: 109248
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png
168.119.149.7 200 OK 6.5 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 1043 x 747, 8-bit colormap, non-interlaced\012- data
Hash cdcd2cd14ee817815e5de728f4b77fd5
e34811cf454660d37539ccd1bbc9cf63188d8412
992d9d8fcb704799f03a3a3537f7980f345827e2a3c9d2adf5374ae0d2312628
GET /wp-content/uploads/2020/02/shape4-home4-1-e1582991702121.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:48 GMT
etag: "1969-61ee50bc-be0adf4b87916a3b;;;"
accept-ranges: bytes
content-length: 6505
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.240.207.158 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.207.158:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1yizT13pCwtswuyk6sB/WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oac2lP8VnPbbxdNWr7Zkwookot8=
ps.rovedar.com/wp-content/uploads/2019/11/shape2-home1-e1583413932772.png
168.119.149.7 200 OK 5.2 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2019/11/shape2-home1-e1583413932772.png
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 215 x 339, 8-bit colormap, non-interlaced\012- data
Hash d980142cf5cf7b5cad65e72554df592f
c6902b365eb029b6d447e37c94a891e04a6550d0
67f9e47cb1a2fd694c59e7104f594fa0e9c0d6c72239a5225dc14e01db35942d
GET /wp-content/uploads/2019/11/shape2-home1-e1583413932772.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:48 GMT
etag: "1463-61ee50bc-dc540a47008ed510;;;"
accept-ranges: bytes
content-length: 5219
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2019/11/shape3-home1-e1583413921828.png
168.119.149.7 200 OK 8.1 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2019/11/shape3-home1-e1583413921828.png
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 237 x 311, 8-bit/color RGBA, non-interlaced\012- data
Hash f6d5fbe60517d168f783d1722b2aa05f
8726f0ff5ea11c6acb241b189fd77e72822ff39c
e15dabaa5e71e3fee823b0adfc19a3a6cda366e3f5571056e54d4969ef1d6065
GET /wp-content/uploads/2019/11/shape3-home1-e1583413921828.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:49 GMT
etag: "1fcf-61ee50bd-7b5d754615630fa8;;;"
accept-ranges: bytes
content-length: 8143
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2019/11/bg-chart3-1.png
168.119.149.7 200 OK 3.1 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2019/11/bg-chart3-1.png
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 340 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash f4866bea18cea2ac3c23431b26824d83
96a0fd2062b7933ff970160fc98d6e2c98ad95a0
8398fd9d215276cce8270b4b92cf3a86a4eb4377945c1da350e699007905208d
GET /wp-content/uploads/2019/11/bg-chart3-1.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/png
last-modified: Mon, 24 Jan 2022 07:09:49 GMT
etag: "c20-61ee50bd-22bcea84a5b63731;;;"
accept-ranges: bytes
content-length: 3104
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
168.119.149.7 200 OK 25 kB URL HTTP/2 ps.rovedar.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash abc62edba458916b4cbea19616926ac3
03391fa9ae07b31633c0738e848bf3f2d789d3c2
eef8f7e6a1fb267745b57a5bbe99baae80520858971b7d199501f196a5fd466c
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: application/javascript
last-modified: Thu, 25 Aug 2022 13:17:07 GMT
etag: "48b9-63077653-7817c4e809587dda;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4619
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2022/02/BG-Post-Sub.png
168.119.149.7 403 Forbidden 1.2 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2022/02/BG-Post-Sub.png
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7
GET /wp-content/uploads/2022/02/BG-Post-Sub.png HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-5253.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/2020/08/bgfoot.jpg
168.119.149.7 200 OK 109 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/2020/08/bgfoot.jpg
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2560x1328, components 3\012- data
Size 109 kB (109248 bytes)
Hash 12dcb8d662aa8b314b2c65fbf6801359
832296167f1018098b5c982a0301b07c135009e2
bde0317cbaa43b9796d9c4107926fcfcfced093550a466336a36e1d8b02eb86b
GET /wp-content/uploads/2020/08/bgfoot.jpg HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/wp-content/uploads/elementor/css/post-6442.css?ver=1662050607
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:53 GMT
content-type: image/jpeg
last-modified: Sun, 06 Feb 2022 16:33:33 GMT
etag: "1aac0-61fff85d-7893f6b966d177b2;;;"
accept-ranges: bytes
content-length: 109248
date: Fri, 02 Sep 2022 08:40:53 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
168.119.149.7 200 OK 75 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash b5cf8ae26748570d8fb95a47f46b69e1
07bed153d47f9129a944ee54dd72952deed074c8
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.7.4 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 09 Sep 2022 08:40:52 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 16:39:18 GMT
etag: "28722-6310e036-8ff3cd137d011160;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 18716
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 Aug 2022 02:02:22 GMT
expires: Sun, 27 Aug 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 542311
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:39 GMT
expires: Tue, 29 Aug 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 308834
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
142.250.74.163 200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 20636, version 1.0\012- data
Hash ba24c7ff5ccbf9671acfdf235b22cfa5
62d7d22c5b0e55a3bdd80eb635238249f61ed12a
bcf86d95e543e9748b28362562cdbce0c7be01b48dd54191912e15f820daf4aa
GET /s/varelaround/v19/w8gdH283Tvk__Lua32TysjIfp8uP.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20636
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:46:38 GMT
expires: Thu, 31 Aug 2023 19:46:38 GMT
cache-control: public, max-age=31536000
age: 132855
last-modified: Wed, 27 Apr 2022 15:30:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ps.rovedar.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 57635
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 660657162b524658006a1856e274a946
56c933c6682c0019f6dbd040da6b929044dc216a
9578fc0408868ae40d41af8d13787f4137853c056300524b5558b1c57d39b2b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 08:40:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2
168.119.149.7 301 Moved Permanently 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
content-length: 0
date: Fri, 02 Sep 2022 08:40:54 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5762
Expires: Fri, 02 Sep 2022 10:16:56 GMT
Date: Fri, 02 Sep 2022 08:40:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 39808
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 35556
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 38799
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&display=swap
216.58.211.10 200 OK 17 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP 216.58.211.10:0
Hash fce91c98decb3cac22fb357b06567a76
2b2dae8d3aced2dd3da314de6f0f34db42427b7d
de3b5418443a5f0b3bef855d2f180251b51aa5e7bfe6f3e826bc7609d4ec0d41
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 08:40:52 GMT
date: Fri, 02 Sep 2022 08:40:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e10519422b7ff91c72bcf2234cea36cf
63cff2232383d9d7f2371d1f60cf7923b629fc82
71a4bfc0031e0f6152c441f4bf413c6e953f38a587a95900f3a6c63beecafb4b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9de9889-f1f6-417e-954b-af2056b62982.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12204
x-amzn-requestid: 5293c66e-68d3-472a-a6d2-69f161262f26
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMLDGK6oAMFTzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112713-66d01d9c2d12d55c465c5108;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:41:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cH0sSIFu5fSPywh8xnc0AHgD053jRBz3QLBSCk0IkcQwez-1M9hCJQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:18 GMT
age: 38796
etag: "63cff2232383d9d7f2371d1f60cf7923b629fc82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25983224daee47c629690b65e7db685b
6f144e4e28ba6dfb56860b187a224cfbc23b50bb
2ada67937844f22cf524d39cf034ae5e49dd892c4b2e70af31cec62c747e3762
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfd29a2d-3498-41a7-af26-6104f50c81c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10015
x-amzn-requestid: 28b44607-90c3-42b0-9a47-5ffd4f670347
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLlfGBqIAMFWqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112622-38788fd737d1b6a35acc1fee;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ewn6Zur0bM9apclbO-0bIZV6NbnBIGAxuUtPQZBq-2f-SERyxA_w3Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:51 GMT
etag: "6f144e4e28ba6dfb56860b187a224cfbc23b50bb"
content-type: image/jpeg
age: 39783
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
168.119.149.7 403 Forbidden 1.2 kB URL HTTP/2 ps.rovedar.com/wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 836004c8a38e0896f13e0e3684e7b042
a8b35765b1909aa611fee787e551eca2874310bc
1e7fda8475d2ba9e1f174715db67d3f7d0514b9172b6c405f2868a97b4afe8d7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/ac_assets/uc_scroll_reveal_text/aos.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1229
date: Fri, 02 Sep 2022 08:40:55 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2
168.119.149.7 301 Moved Permanently 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu//inc/assets/js/custombox.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: https://ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.min.js?ver=6.0.2
content-length: 0
date: Fri, 02 Sep 2022 08:40:56 GMT
server: LiteSpeed
vary: User-Agent
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
168.119.149.7 404 Not Found 17 kB URL HTTP/2 ps.rovedar.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 72d00bff7ec73ef7f4f94ad9df8f2860
795bfd62ffd3a4140e0c82b0c5a1b1e401422413
a6e45b2e3dca7a091be182dae786d83cb228e8f00dd899436e6d671725b82f68
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:57 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607
168.119.149.7 404 Not Found 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/theplus_elementor_addon/assets/js/main/general/theplus.min.js?ver=1662050607 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:54 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
168.119.149.7 404 Not Found 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ps.rovedar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:41:00 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/
168.119.149.7 200 OK 0 B IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.27
last-modified: Fri, 02 Sep 2022 07:55:45 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:52 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
rovedar.com/ps1/wp-content/uploads/2022/02/bgfoot.jpg
116.202.195.240 404 Not Found 0 B URL HTTP/2 rovedar.com/ps1/wp-content/uploads/2022/02/bgfoot.jpg
IP 116.202.195.240:0
ASN #24940 Hetzner Online GmbH
GET /ps1/wp-content/uploads/2022/02/bgfoot.jpg HTTP/1.1
Host: rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 02 Sep 2022 08:40:53 GMT
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 216.58.211.10:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CVarela+Round%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMontserrat%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 08:40:53 GMT
date: Fri, 02 Sep 2022 08:40:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
168.119.149.7 404 Not Found 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile_footer_menu/inc/assets/js/custombox.legacy.min.js?ver=6.0.2 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ps.rovedar.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:55 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85
168.119.149.7 404 Not Found 0 B URL HTTP/2 ps.rovedar.com/wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85
IP 168.119.149.7:0
ASN #24940 Hetzner Online GmbH
GET /wp-content/plugins/unlimited-elements-for-elementor-premium/assets_libraries/owl-carousel-new/owl.carousel.min.js?ver=1.4.85 HTTP/1.1
Host: ps.rovedar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ps.rovedar.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ps.rovedar.com/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 02 Sep 2022 08:40:58 GMT
server: LiteSpeed
X-Firefox-Spdy: h2