Report - afcintl.com/p/protege-zm-reusable-single-gas-monitor/

Report Overview

Submitted URL
afcintl.com/p/protege-zm-reusable-single-gas-monitor/
IP
68.65.123.238
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-27 14:40:34
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
116

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	104.18.32.68
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.149.28.179
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	71 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
afcintl.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	842 B	2.1 kB	68.65.123.238
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
cfb.rabbitloader.xyz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	39 kB	374 kB	104.26.13.183
js.stripe.com	1149	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	86 kB	151.101.84.176

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/css/notices.min.css?ver=14	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/template.css?ver=6.0.16	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3	Malware
2022-09-27	medium	cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0	13 kB	2023-03-07	2023-05-30
Pretty URL cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0 IP 104.26.13.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:42:14 Last Seen2023-05-30 05:32:00 Times Seen13 Hash e3991f6f624662949a33484a6d581228 13e735103271115040def89e016a8861f7dd2bf0 e9d07773836b825d70d60d4212c24b13d14e26d4723a0f203d233acd47ef87ab Loading...

HTTP Transactions (109)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9355
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 14:40:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jGIphMWyZdNKYeaOlk9sqOOVHJIu-_UZkgWCTNAwKkFnr3b0kdi0mA==
Age: 1493

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TGGlRyaLMVkXDoykNbKz4mg-_phWFuQnfBJwKPfj05jsdKJFosoNnw==
age: 18970
X-Firefox-Spdy: h2

afcintl.com/p/protege-zm-reusable-single-gas-monitor/

68.65.123.238

301 Moved Permanently

707 B

URL HTTP/1.1
afcintl.com/p/protege-zm-reusable-single-gas-monitor/
IP
68.65.123.238:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /p/protege-zm-reusable-single-gas-monitor/ HTTP/1.1
Host: afcintl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 27 Sep 2022 14:40:23 GMT
server: LiteSpeed
location: https://afcintl.com/p/protege-zm-reusable-single-gas-monitor/
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:40:23 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3Cm_kIzaOtmSo9tCvxCi3mxwX6M6BFvf1hplTMwrar88uxxGzrNT6w==
Age: 1777

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
881114b0c9517a2b43294f020e4823a7
12d5fc6d1ae7aad8955e143fd569540335536325
a8f264789e35d9d802036cba2de11c711eed07bbe1aced10aceecda3c24404ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 14:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 06:12:23 GMT
Expires: Sat, 01 Oct 2022 06:12:22 GMT
Etag: "12d5fc6d1ae7aad8955e143fd569540335536325"
Cache-Control: max-age=314517,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7514fe85ca46b4ff-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1906
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:40:24 GMT
Last-Modified: Tue, 27 Sep 2022 14:08:38 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.149.28.179

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.149.28.179:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Yg90bzXViX9axgNvzHbCYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r6yqA17OOSvVoOqLRP2AKvR9fGQ=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15682
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:40:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15682
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:40:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15682
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:40:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15682
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 14:40:24 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7455 bytes)
Hash
5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 48869
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10211 bytes)
Hash
347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 60504
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 47672
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13213 bytes)
Hash
62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 61057
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8931 bytes)
Hash
720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TT7kAd3SRni2Wp5jiP6_mQvHE0U5_bjQ3VpIUZJqmTC_WhTa15UDzw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:34:25 GMT
age: 57959
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9163 bytes)
Hash
deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 60666
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.s-nw-a28/wp-content/uploads/afclogo.png

104.26.13.183

200 OK

8.3 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.s-nw-a28/wp-content/uploads/afclogo.png
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
8.3 kB (8250 bytes)
Hash
9696173879c97ad01f7becc8f87c4aa9
374d78cc8d07b3bdb608cf1628900155623d1cc9
c072595fe7e8744c61e96b3c184233338420f402b0d42a9f4b95d100b703313d

HTTP Headers

GET /55rhwqil/rls.s-nw-a28/wp-content/uploads/afclogo.png HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: image/webp
content-length: 8250
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Mon, 03 Oct 2022 12:45:12 GMT
last-modified: Tue, 28 Sep 2021 15:32:11 GMT
link: <https://afcintl.com:443/wp-content/uploads/afclogo.png>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success, png80
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2022 12:45:12
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: b422cf3b7b18685fa448ecb06c0396b3
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85UwzjM0RfKexUakEuxyTFJsD%2BiOfWbY2tnWlbUs9nQPvkEsz6%2FRRrRRg8ud245nFjj2oLRH9hQtSk05In9qcIjyk5Rzyg6LUxkN9%2FIsDKeKK1BDG4acGj%2FxkGQRcKd6knRhwKeC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514fe8c9f29fac4-OSL
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2

104.26.13.183

200 OK

2.0 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5919), with no line terminators
Size
2.0 kB (1963 bytes)
Hash
11ac318f34b89abcc903f6f61093ce6d
874374f684b0f6470ad1479268e680dffd80aea4
855e9a8b32a3f942ae2398684bfc02ca5027add1e2972a73a0a222daa289dd54

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Wed, 21 Sep 2022 03:15:48 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/14/2022 03:15:49
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: f53a46803d0c964a6a3c6c8f0bff98ae
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjJnoLXeougBczJXSIWnSuR%2FX1qSFKXjXpObQXHle5Z%2BKvP40Apc%2B%2Fjf2v%2Fup2eWkPgMm%2BHH4CKSGwClmLCFuVDM56Yqb1%2FfWdbEZ1XS2TLAM91CC53ZfVnv40a%2Bdj91KbInKtCA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef8dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2

104.26.13.183

200 OK

6.1 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (24073), with no line terminators
Size
6.1 kB (6104 bytes)
Hash
fe15ab29ecf301df3e9c3c737cb541ac
8aa27aff0fe28e321bb6d66d2c606c356daa390a
157fc3fa2bfb10d6265bfe745ba4ebe878b986bf8f4e9a7e2863e5a8a4e7895b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 757ba0fd67d1b593c0e33d9e992d69bc
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncsCeHN%2BQCes3Y23XtxF9cCQUNp192HmaeOlnxWPGpClzkaCdV2y3eddqMUQy%2B7NzJpe4uL51kjkTaOfKGs7S12qMQeebNHh43%2BCOCOmhKD5KKUPERTTIFnokbi%2BAV5K6LcHxHnZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef8ffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:40:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2

104.26.13.183

200 OK

2.5 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (14596), with no line terminators
Size
2.5 kB (2490 bytes)
Hash
f37b1b401cc698eacdea391a90ac65a9
ac2322d6edbae29219afa51ac522040c51e3f23a
b8db6d0a81f0e3bc3e8bc0a809fa56cf986205a6075d1b58072f322e788f4a3c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Fri, 30 Sep 2022 05:22:14 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/23/2022 05:22:14
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: dd5351b9e7f7861f07bde51ffbcbfe4d
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W31%2Bb5EoLNC%2B1qLR0kxs%2BvXZ%2Fzo1flOWxt4DBHebESND9aTaRPRqKjiifaFGCx9EaHOFXhQ6bzl1rjxMVpNwFZsjaqHFrEY7JaGmIzu5mPXRgML63d7T6rDlUunQ8IBgwwhO6NG%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef8cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0

104.26.13.183

200 OK

76 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (5960), with no line terminators
Size
76 kB (76298 bytes)
Hash
047be8e760ee97c3a0227217ef9605a0
f82f2a8f6ba940f81f2832f4a3aaa72a742e7ed1
7990adc0b6a568191c41dce43adefb6958adaa95617bb13d33183b696a2ad542

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 06 Sep 2022 19:36:48 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: ffe7b5e440d8a65347adb471f95ca2b6
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJi0bbnU5LMFU7T%2FZ6dWe8PWiXppxGGAlVnoHn7fn6r0f4ro90wh8SFmydzI7Sob0IfEtQRT%2Bvg13aTtpWeunCCJ9RBydizqRP8oVK2xNGBVzL1%2FOH1WdFrxSEAzDd%2FqC4WZdlkv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef85fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2

104.26.13.183

200 OK

3.1 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (8258), with no line terminators
Size
3.1 kB (3115 bytes)
Hash
05e9aac6e78512bf041c171265fe68ac
4f8896bd5a4f7f3d27d42fe1efdd95ce0b71132e
908f00250456cacfce07e3814af318b440689a4cd53ded1daaecae4947434d3d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: bc290e0a2a7975805b591a2b536645f9
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJOchXNaHCr1yBF8wDHx3AUJTCqDWZo1I8kDmNp2z2mnrApOWlMcPCceaEZ6jaeaX%2FzpdgL8QtEmVzAa4T%2BCo%2F5wiSk8ScDENBxIxj40ASmTubg5HU3YM2f%2FNtbeuHBix25yWCdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe908ae9fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0

104.26.13.183

200 OK

7.4 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (32986), with no line terminators
Size
7.4 kB (7414 bytes)
Hash
378a30a9e616a8c04c5aabe30c2ad149
291de9d2082e5efa7f596b9f54cdc95fe3bea6e5
c2ca2a667f5ec0795349955bb72bfd5f99609b120a9694b451fe11b96e7a66af

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Thu, 04 Aug 2022 13:35:20 GMT
link: <https://afcintl.com:443/wp-content/plugins/ajax-search-for-woocommerce/assets/css/style.min.css?ver=1.19.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 94c1e5d57318346b5c83bdb76b41794a
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcO9mYu0WOIQpfR%2FtQQzK2S8b2v1stuHYVOPZW8yDMEycVXt1xUPT%2Fb%2Bdjo8GxF6%2F%2BAt%2FoNzqx1JYS9JW%2B%2FLkBDRjPCk5uG1zuOZ5RtzJ0XX3%2F2LK8C4rwU3m44dRJbfn09Ix4NM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf76fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

js.stripe.com/v3/?ver=3.0

151.101.84.176

200 OK

86 kB

URL HTTP/2
js.stripe.com/v3/?ver=3.0
IP
151.101.84.176:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
86 kB (85596 bytes)
Hash
e0b4296fe3229dc81a575033832ff894
4769eebcdce651943c68d9c8402b47cd9bc8f3b8
9c08ce800423c5a72624eb8cf67cb728f7ccd103ed59bb9a0af4c64cca4a0d62

HTTP Headers

GET /v3/?ver=3.0 HTTP/1.1
Host: js.stripe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 20:45:16 GMT
etag: "8ff0c4c02b02329cf046b03e911d2dda"
cache-control: max-age=60
content-type: text/javascript; charset=utf-8
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Tue, 27 Sep 2022 14:40:25 GMT
via: 1.1 varnish
age: 32
x-request-id: b9f5580a-0c08-48bd-aeb0-be58d1a04ffd
x-served-by: cache-bma1650-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
content-length: 85596
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3

104.26.13.183

200 OK

5.2 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (19457), with no line terminators
Size
5.2 kB (5234 bytes)
Hash
3932e478ad7cbcb657f12330cb3f6930
3a3954494ba9910637677394053eb3917f321feb
bc276ddcc2738587a534976aa243bf49e79f885cf7c8de08195498e01ca894eb

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 38972763000a079184ec4c647f16e4e0
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGmrQI%2B3jVIQxsLFV3pgY%2BwSQaXDtmsxlBN0m%2FYPuev65qNA1%2FOKnCIjUkqOmJ5JGew4GsUeXzXkoaauIUGeEztJy9Hz5E5r29pNRgzxkhXdqaD8MwIBmaVsCJGOoXk8pheJh5UO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf79fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0

104.26.13.183

200 OK

18 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (13296), with no line terminators
Size
18 kB (18546 bytes)
Hash
0e1084b2b31a68e7706a317738ceefaf
4049df8e4689f462bf31da3dbe6711720a812999
79f6295bd3ff07f171ddf1ccd69cc0f3d7a52ed080a5fbc6ef2399ec054826ed

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rl_p1_2a_min.js?v=ri0qo0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:24 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/12/2022 22:03:25
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 28154e68ddbe7756776c8f77a7ce0a68
cdn-cache: HIT
cf-cache-status: MISS
last-modified: Tue, 27 Sep 2022 14:40:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5q7Ok5s%2Brxx0Pza0Mph5KM3lJTJxjWjEryygDcyg8uq6hftG6VGuoqwXG1DtTznhhKwOMJ74KUNgt1T1VTKlpP2uOFHUbaz55E7VzJV%2BYNFABUMcNIc3zNzxR5oOPuIXXvsBQs8x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8b7de8fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/v7.b7ab607dceb5573cdc172ba3d58cf131.1.1.a28/rl.bs.critical.css?v=ri36bl

104.26.13.183

200 OK

21 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/v7.b7ab607dceb5573cdc172ba3d58cf131.1.1.a28/rl.bs.critical.css?v=ri36bl
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (33490), with no line terminators
Size
21 kB (20802 bytes)
Hash
73c816459d10561079b34e3f697cd646
580f131370ef25a4b2f40a3e9fe15218f96f2e44
35274c1b9fbed78b16b648240fb9a28aaeb13d1c768a90154efbb287288ea0ca

HTTP Headers

GET /55rhwqil/v7.b7ab607dceb5573cdc172ba3d58cf131.1.1.a28/rl.bs.critical.css?v=ri36bl HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:24 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=25600000
etag: W/"631a4bdb-82d2"
last-modified: Thu, 08 Sep 2022 20:08:59 GMT
cdn-storageserver: UK-317
cdn-fileserver: 317
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:49
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: f05c2ee4a5d3bac90f2da6389187c947
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZijaVVf5MEWl8QFVkHcAP4DxY4Ch1uInor6IZKJGtZC1W4pi7%2BL%2FIILxd22cYOAPG0cX7m3UUQ6u1a839mt7%2Fb5nk1WfEEEdOZMxWF0GgmTQu7Cg6ib7T33dMyCt5hTKxpMv8Kod"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8b6de7fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7998 bytes)
Hash
27d324b1fb661c318aced98468501b3c
5c4ee294c98e8fc9312a7d481b6ec165494cf852
937296b5da48df0495ebd0cb3509b7c00059725c00c5b97f475ba2382a0e5437

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20fede81-e065-476d-b8c9-466c4d80f419.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7998
x-amzn-requestid: ee048e0b-c35d-4d51-ace4-95d177e1f945
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTaoGXeIAMFvEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cc43-320225eb4b41b08945a15787;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:46:43 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1X8PvROlxYbam3jAL1auSg3Lt1Fx3RuQDJFgRzF4F6UUMs2tY-aRYQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:13:50 GMT
age: 59201
etag: "5c4ee294c98e8fc9312a7d481b6ec165494cf852"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2

104.26.13.183

200 OK

4.0 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1668)
Size
4.0 kB (4048 bytes)
Hash
e5ced0e9d3a70d66e31e2617f488f56d
c6cdade21e8ca97e7e424c954009a4fa26ebd5dc
a4260275903a64366e52cf3982ddf96ec68436b46101b9b7675c6fc494b9d4a3

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 083128acc8da2e595b3949688f647e25
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01kdRGdTDxfv0%2FHWZkxVbxwV%2FSSmPkXKtGmYnE3joLpUzG9%2FzdQBaUshzB0wNSMGdHxSJM1gqkT7mEMAsLAwG29Xl6do8m7XIwsBMVPtWrfU4LyQpYvx6VFva2%2FfhjMf5mtMSLUV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906acdfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0

104.26.13.183

200 OK

98 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
98 kB (97678 bytes)
Hash
3327cd6b3b3dfa3d18d2077df3e30a8d
27aa73143cee1bf287b1998113e61d3761fd2929
de06a1c6ea640a4abae876e5c018fe65841ad8fb97f7605e6fd260c8481a4841

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:12 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 6194db36547e7c995d87e19423f09d98
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TUvvPa08%2BBSo79N2XtJcpIhlpLhWK9T39AUuholrIlkRDMlyNVKxoWgSB9Ht8zCXshXfI9TrwlZHFzoCeCTV%2FmClnkTlsJqs22JECoofa1IS7HFXXCKEnOz5B5nGWn5vzVsaovWf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7688cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/woocommerce/functions/js/woocommerce.min.js?ver=2.1.2

104.26.13.183

200 OK

1.8 kB

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/woocommerce/functions/js/woocommerce.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (3991), with no line terminators
Size
1.8 kB (1792 bytes)
Hash
284f69ea3476d66e36be2e3e8c1a01f3
9a7c00a8a8e072bfb5ba660ee78de0b488c7496c
cc290c6d0ec2379c7f78cdb13261a3609bd25e5da2ea6795351df447bd3c5aee

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/woocommerce/functions/js/woocommerce.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:56 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/woocommerce/functions/js/woocommerce.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: e6f3d5b18b0929be66e7e46ade2f6372
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FFV7DG7%2FxuvhJz6OQXUp3rLfxGzlQdXPL2UxXDAK2i2nF%2BEz7QmNLk8jYCmKDnCRp6PHRNiBl57eoszjvXLlb3VNDppvWaKA04jWc6zFwYWfzkgFGElCN%2FsJRNX4C08qWF4qC6sO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b987fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:55 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 92755f3d545fa98f9f97c1c94e8e8634
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tTTfeoXdOsCEwojIFDxQniswrO6jAJlVKVEldoZ2M7GFPtkdLgz4TXFndL%2BmYYyQhdb6DkDMEGkGhjTiAGyp7vLEMu24bDYbWkcj3bUbj5u2zC2x3a%2FN2wqgKA%2BguccB%2BUhLscfr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb88966fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:11 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 58410c910334a3e39b3e88066010171d
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFnhD5j83cdyY6CKZfOod5pgw46P0urlJSG9sEyJelKUsqY%2B3yKIKcQhJRtD7qhuHSS225qkS%2FTAyCPKdYpElMQJ2ezODTRpAI5AwpfNQBuJHH1nyqFedBdqnQbqIV55A4CPoa7P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf74fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 11:25:53 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:54
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: dd243664147b6832abac5d1d16d480c1
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BH4nZ1YQIuTdz9%2BLcqBXQTFyCr98DK7ho9YPbswtT4axn56niIRWbKu57kzS%2Ffiy%2BSkxS6N9bnVNzedL212ce6kCKpPMz8UPgq%2FKMGG%2Btvi21FHrnb8CfC1Xxwg%2ByIJJVtBGKk1h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907ae0fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Wed, 21 Sep 2022 03:15:48 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/css/offside.min.css?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/14/2022 03:15:49
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: f53a46803d0c964a6a3c6c8f0bff98ae
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CNJUfodavw%2Fh1ojVQWD1wF1J3oMeTw4yZvu0n1CpmimTRsS9%2BupiKXcXh5sPBw%2BhnQZ4lV1D2WWzUFvidq66Mzhb6L7yGxvzX7xJBqCM6E4M3b%2BrDzrQ%2BNXq65P90Mtry7Vy0IFp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7b8bcfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/zoom/jquery.zoom.min.js?ver=1.7.21-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 3ca5170d362e21a685625290d3d2e6c5
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fby5dMhbfWzASTgN9Ylfiu20vY%2F6OElOuBQm5UJIfo4Jy4fbhKIUrurQCI%2FDKy3SxDLUmd4%2BGJbgw6moMfCQRjy%2BJCmyAvJeO8YlJNK1NaZInjqsShTD2gfL%2BiRXM%2BU00hsOgdHz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe905ab7fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 28 Sep 2021 15:32:57 GMT
link: <https://afcintl.com:443/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: fe9f8c8d770eb5b36ecc1ef7403e8652
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCp1NPMm1yHNMXKWVTT18w9elwohKjkiE7ZwFm18Yb8mPpLL1XJjkMIWXlW5r1CswY3Ra9VpyB6%2FoMxyjvCxWgZu7S8%2F52CalyxN0GOZCKyOZaKLVVZSrcVvSKe2hDZC313ddmzp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb798a5fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce.min.css?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 757ba0fd67d1b593c0e33d9e992d69bc
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QUNVbr0QjHLtQ65jHPlmcyo55oFTyvfos%2BTSdpuw963s25IkcDKCqdwrkyFe%2Bbm2f7R62m79PE4FDHvRqkFfJO1IyyZ2fkDaIV2kLXDfLhDsZ6gckpZEuyn0AjS34DRBpig5dDef"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7b8bdfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 61aa34c3db9e9124092d8dbaaa178c92
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d68yq%2Fi%2BhKeN60gsbm4%2Fl%2B2lC6BqEShS5a0wDSobdJ13ouj8aehogKQm8tOF77KL06byEl3BdCO1b0jULE%2FT5oSNpsaGAr%2FNshs7fT61%2Fmylr8MoUhobKUqaOGIeh3Lxf6R%2BKP3r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb84934fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 11:25:53 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:54
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: dd243664147b6832abac5d1d16d480c1
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKPOM6hMeKohwnMR%2BxKMeQjNqZLiOEAZHqpYV0t6S6YFOxj%2BeXI30ZGos4evlcP56AP11OS%2Br4r%2By6aHO%2FZwXP5a7BgRIVBqiU9JmCM175i9ePypAWUZNrlZjLOKh0EzPeM3Ah%2B3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb88965fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Sun, 02 Oct 2022 10:00:54 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:54
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: a4758e0bc3f62213fc11398c8e341b1d
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0w4%2B1Xxv2uPBrY%2B%2FmAfJ4B2pBT3fl89zvj%2F9e82yHly7uX5Dm6KeQjtscrmUmtG8K9PhZGngQRRdt1U9OY9mf6r5CB3ruUjgfVhkEvS06LBe3uSDMj4P%2BJpROmf0Yq0vyBdIRmc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf6bfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 28 Sep 2021 15:33:03 GMT
link: <https://afcintl.com:443/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: e9276a8c1d09a2c9270346bedd23a817
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zIpcPF8LoCkeADqJ2I51fJ%2FE%2BXj0UKGpg5PyVwO%2BHC8Yg5I1DIOFAgAL1UCoicD%2BkoeAVuLwyffZoS1U0PvwUdVOzb9PZqM3wcl6ysm9P0RKppex3i119i%2Fh5KVAKHzRwPOvVITQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef87fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 0fb97c3183414c1043d42f3fb08b12e5
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZKwlit%2FYuGtpd4E7YuGyFSIU4kb9ASa9JySdg%2FadJMECBEfHKv5bkM7F6AWeCef79WXWUZG%2B%2FFbbrXktlIWMzMjdNrXuWfvyLlPn1uetZ9Wp1Q8NgqNrXq6kfFHvYUkDGaFhBT3R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe905aa5fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/jquery-payment/jquery.payment.min.js?ver=3.0.0-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: bc290e0a2a7975805b591a2b536645f9
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8oLJ9k5VyIPEXDk7gZ1MY%2BC7%2BR64O%2BrlME2I6EAIfmhAv4hYDLm7vob1%2FUEp44UvJaKyePQWU3zJn6Isuh40qZhDV9C8rdrmEHq7iDciZGV%2B4GG%2FITZ1%2FFKhuS3awnD5wwHTflB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b983fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Thu, 01 Sep 2022 19:38:25 GMT
link: <https://afcintl.com:443/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: d90fcb510e4529139e6d77d42c10ab26
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEMeYAkq20niqNq8%2B4Jc9Ycfmf0Hbvt617yeEgP9Z8iimo6AkUqUKYfJYWRspQiOnzITMD0PBuaFuRV28my5z965O7vUPMfI5%2Bqj1BqZli2zzNMmoUYEHwM2so1O55XXbKyt6wVZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7688dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 23 Aug 2022 07:39:11 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 55c2d26bdb5739f4a25bcddf33b73eed
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfzQiiueVbZfkHwrFcjLtwo4zY6mB1CKCDSDEMcfoleEc0G1%2BLudxpdcI2jfrMbN%2F1f5F8E3b0wUM8YgM%2FOuCOtkmc1ge6UxmGvZf8F%2FE02%2BICiPkXgXo6frihq3bEYmbB9IxKPZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf71fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 103e3b8e443855b41a3816f597d3e6ed
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u7s%2FUHDLLIMhtYaGPlJ%2Br9Zm5c7sBEDQNmPfML1qqac4NmAFGlKyBcOzfmu9xruCr3BJ%2FootNFY8MM4bPiV3Oh%2FW8Qmj6LJ8RcscVOlNNMv99yXxgoDCcdGguLXDsVUT4lfhFXAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906ac7fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 07:25:33 GMT
last-modified: Tue, 13 Sep 2022 19:36:51 GMT
link: <https://afcintl.com:443/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 07:25:33
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 068176fd782f4ab3d1e78b1329d85784
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmpXUucrN%2BVqSTT6zHx%2B6QsnQb%2F7flt2FQsKK7pGVAU6QLCCfHOfBYLwELPcfJshSBEF20xko0rFqJqhKMptR6%2B19XPJi460gzv1X%2BB%2Fn9kyvffEVs%2FXPEET9iySY%2Br2tXIGPDEV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe908af1fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:11 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 58410c910334a3e39b3e88066010171d
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLQFCIIalJfzlpso7rmfh9FkVQBN4PjrpEwmQAHFHdbx4ttRdxb4JBM8yfpe9oSIXzIRBKMPtwhyKmeV0nULYe6TItW2GerD5k9WDPnHt9Sg1ccwy1GNFB6LaTZjUx0UKdkBWnhX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb77892fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:11 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: d29ee7c4c5cb99c015b6ae6f8fa2b761
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YksZ%2FJSUXlwkkeSuni2L%2BMaU7INUMFYx2Wq4hNPplZost5W3BJogxLK88ZN3jFW04ouJH%2BmSdjqxx%2BSxTDF720DCqSTJME3%2FyvFIwKFvolwAHZZsty9c4YKswygBRCd5R%2FejpALN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf6ffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 28 Sep 2021 15:32:57 GMT
link: <https://afcintl.com:443/wp-content/plugins/minimum-purchase-for-woocommerce/core/css/vtmin-error-style.css?ver=6.0.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: fe9f8c8d770eb5b36ecc1ef7403e8652
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1573BaI9CZNvu3gDTyB%2BEAMuFm13n4PaVyGIyKv7uP8UlcgR74E8Zi6k1JNLRfU%2FEB5eVPQ%2FkSqYbrazn4Yx98E9y%2BXXzSEuYhHCkakEIIFNoRpwVBMBb9mX%2F4Kk%2BUuQ17jMvu1O"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef84fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 07:25:33 GMT
last-modified: Tue, 13 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 07:25:33
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: dba9826553d1a20695e61764e0fdec8c
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0cwXtmlvrQU9CbWWvU6Lvw9TUDmrhYAmwZZNacT38jNks2ktZiEc4khbNNJ%2BnVaGXNKlJmOCUpUdtMg0mdT8JSTxoDZD7r%2F9NJyPV8CVBCgMbbW31XlPK66fy5BSUqnKb6cjH27"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907addfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:43:27 GMT
last-modified: Thu, 15 Sep 2022 19:37:07 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/tokenization-form.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 14:43:27
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 1afe633288482822b26b89485d8fac5f
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YegDNgrewKrmylrwvdv08KnW1qgJ2Pwfei4tm%2BSiRxDY%2BE5ZkjzhxDRCTFZXDiRX9VrNPubbTpIwqGuU3DSvfdBW1iyPbZ3jatToXM09AnWRnOn5NbsPrnKnCEFmItIwVtDCl9ae"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb81901fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 73dcabb113ea5113d7b9ce7b5c0565b1
cdn-cache: REVALIDATED
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D2wTiTsoDh4kjmHybZuCO7FRUh%2BMIRZZSSMpZisAATzo0WHUJwg%2Fh0h%2B%2BgnULdVWqx4B0Z%2BylweezB%2FgqNcGsJ5y1A81TkuK6Rkg%2ByPA8cGqQ6TNuKbqJLa1xwCPMpVKln350sKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8291cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 03:47:17 GMT
last-modified: Tue, 06 Sep 2022 19:36:48 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/18/2022 03:47:17
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: c61755f20666c40ca097d1d1a5a64a69
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlG78aKQq3OZaWJuPanU%2BvkQe9ox2%2Bt7%2BXcSGlKUouN9SlFveRWcWti1aWG180cZqxpimeoRDiJxp1vStEMPoKPScrfQAg4vU%2FopeE3pndO40pzeyLve51NfUSVw63mHBjgrwIR4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b984fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce-mobile.min.css?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce-mobile.min.css?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce-mobile.min.css?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/woocommerce/functions/css/woocommerce-mobile.min.css?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: f8ae792078bfadc6c416a9b17fa88433
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pX7K5i3csgHzY%2BLG1PsOESV0tsAS%2BKO4830J%2FeZbeuFRxgt5eQDh1SnVUORVQ7UGfueMcm62teRAgyRkOYqHN6aBF9uVocc9JWNzl3Mq8ilk6%2FltiFzHutYlxNSVDOn0oTYT%2FFn2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef91fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:55 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 92755f3d545fa98f9f97c1c94e8e8634
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cIgqb5M42SnGEN64yyfM5VSh7d%2F9v88Lviqc0QjqrvvPx1cvJAK2txhNVDYDhLYbz2GNoxClznV7LoOWJSkdqXQtUdGZMI6rqW4QJ5QK2uXfUE60RVdTWOwa7zodVeUsfT9rk20b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907ae4fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 38972763000a079184ec4c647f16e4e0
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KK2r5snpCMl0jaAla8smTsUEB86WdBe0M4kTK51%2BSqXr2I340PjkaMcPmsf35B6j%2BzEtWHQGweexjBrY8x64o5RZtcGDaa5pVQKYRtHRLDYpbvRelyJk17tJ0F%2BJHwVOCMPAPFk7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7889cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

afcintl.com/p/protege-zm-reusable-single-gas-monitor/

68.65.123.238

200 OK

0 B

URL HTTP/2
afcintl.com/p/protege-zm-reusable-single-gas-monitor/
IP
68.65.123.238:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /p/protege-zm-reusable-single-gas-monitor/ HTTP/1.1
Host: afcintl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.30
set-cookie: mailchimp_landing_site=https%3A%2F%2Fafcintl.com%2Fp%2Fprotege-zm-reusable-single-gas-monitor%2F%3Frl-no-optimization%3D1; expires=Tue, 11-Oct-2022 15:09:51 GMT; Max-Age=2419200; path=/; secure; SameSite=Strict
PHPSESSID=27a61a13b1e0893427ecf4022ba4dff0; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://afcintl.com/wp-json/>; rel="https://api.w.org/", <https://afcintl.com/wp-json/wp/v2/product/6344>; rel="alternate"; type="application/json", <https://afcintl.com/?p=6344>; rel=shortlink, <https://cfb.rabbitloader.xyz/55rhwqil/v7.b7ab607dceb5573cdc172ba3d58cf131.1.1.a28/rl.bs.critical.css?v=ri36bl>; rel=preload; as=style, <https://cfb.rabbitloader.xyz/55rhwqil/rl_p1_2a_min.js?v=ri0qo0>; rel=preload; as=script
x-turbo-charged-by: LiteSpeed
x-encoded-content-encoding: gzip
x-rl-cache: hit
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 14:40:24 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Mon, 03 Oct 2022 12:45:12 GMT
last-modified: Tue, 20 Sep 2022 19:37:51 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2022 12:45:12
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 8778ede011d04762c5991b2ccbed4987
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJOvRzeg%2BORb9t5XS9cOeWMbd4MvBr5ML0TDWHe9tXP5Q%2BcSgNElWClNO2Dqa2SFS7YWr8wxhvPAJW4hUaHAEyeU5Lts9%2BCm5I6vzI7x9wN5Hxq4CwyMg5WILZwBVikSLoggim6i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8ccf60fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:56 GMT
last-modified: Mon, 13 Jun 2022 14:29:24 GMT
link: <https://afcintl.com:443/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: cc530565644a7b086124bf1408333271
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3PjmEd96tK4Y3fS%2FwQOpgQmMWzbVQvfxrRrBCYOxEW6QGGbWml8%2FP8VD1j7r0ThncSQ381%2B3QcFiJWo1c%2F2g0N5Jw6rT292Nb2dtJ6HYzEd8Z20FSS%2Fofbn3RJy9TNf1SPe9pnf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe904a9efac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 1a60afaf0f28eb6cdb698938ae982290
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6WmPnQ8P2qh1k2dHvfW%2FDPLwMFeA3bZI%2BAOcotkYt%2BzjNK6qRzwm3jyUw15mdSyQt7QPhxkD5JnfNuaU66tuv%2BUzl%2FWjZwQjIv1ZqYwGHwQ3t8fWvjWKS7mSw0G5GUpXTjAoA3K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906acafac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/single-product.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 103e3b8e443855b41a3816f597d3e6ed
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9n2aJBgjzR%2ByTZnp0ZVWwmb%2FaosBqki1ah6%2B2ZPbBs99IYHRFByJ6pw%2F1D4oDuuhoe2VyD8%2FWv5wdLKCyJNtPzj%2FlQPrnuhNhH6RlgDG6q8jjh8%2F9hcReyMtej0JbVmovxyXutO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb84935fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:55 GMT
last-modified: Mon, 13 Jun 2022 14:29:23 GMT
link: <https://afcintl.com:443/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: ef6bd51f23ab6d8f56596950fe49f757
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MuqsMeakJqPFIaqeGbqlpWmZ12P1x83Uh9viEy1SQ%2BZgLC8vn1p7npmQN7dRvm%2F1qOjaM8xFvtTUi62mcbSlT2i7ogAUFNGT8h4GpdiA9hRlLlyTFMgeH9YnTUsPnHx4fwYBIqKw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe904a8bfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 705ae7a388521fcdea09f582d12a452b
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=21C3kHRgZ6b02P%2B%2FW7ZBAb%2FS0pR8BXZnE6wJvIZQ0QjFNqocg5pFGsUCl3baTbRYQE3O6JcGsbt%2FzpJlUoc2Y5RVpS7WD5ec3O%2FpfRHpQkVj5HQlA5lXovJna0IydO%2BtBpgNkuln"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe908aedfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/js/sticky.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 0fb97c3183414c1043d42f3fb08b12e5
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WeXlxZpvpyfarzPRl%2FQrACNn%2FuqZmLiJk0J5RCc1e6SZMpprSU0J69zMR23OCS29rHhcmHmAjnVv8S9MC5eKE8m9RQTpyavc5rKZXILulqs%2FjwCdcemN9sOGHIKU37A%2F%2FvQjzPTQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb82919fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 22:56:58 GMT
last-modified: Mon, 29 Aug 2022 19:37:07 GMT
link: <https://afcintl.com:443/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 22:56:58
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: ff28e017e28830fb96667c53b42c2980
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiZ%2BbU%2B%2FpsIbZU7LY1dGu%2BcmB%2BsQTbs4gUXbKaWZDOUyr1uKe%2BevBRLLLMoSmRzf7kk8QGWB56i5UvDLNR8UZeO6KRdB8FI5jM7w89cJinm2Pa9aS1u1YUAc50g4FFQ9E6lWTj0%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8a97efac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/css/notices.min.css?ver=14

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/css/notices.min.css?ver=14
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/css/notices.min.css?ver=14 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:53 GMT
last-modified: Mon, 29 Aug 2022 19:37:07 GMT
link: <https://afcintl.com:443/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/css/notices.min.css?ver=14>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: db3b749442b1c0f1ea0ffb37fc2d37c4
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0sC2pnVfaQaUxW1jpQlG6W5wNI4Ow853GcGUzk99UZvz%2F%2BReaGQRPeGsOzfLpr1fM4KBJZAQR4S4Xl3OAl0KdELoZi02uOQbiBKUriKugnXjkTIcshkEZU%2B3WwQm7DQ5e4rwu4f"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7514fe8cef81fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:55 GMT
last-modified: Mon, 13 Jun 2022 14:29:24 GMT
link: <https://afcintl.com:443/wp-includes/js/dist/a11y.min.js?ver=a38319d7ba46c6e60f7f9d4c371222c5>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: e730dd062e1e0ed9ee55030277b70ae2
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eg3aDd8WI85g0596T%2FU3kn6foLoi6ojUdSORhNnL6JOyORohjTX1RI1ECcqWx28FOZuB7nlORr%2FQJ3L4ItgQySeI87Iqb0WcrwDfxdioZjQ5wQt3yzF903HUYHkyXC9npnWIOxDM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe905aa0fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:26 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/menu-plus/functions/js/offside.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 73dcabb113ea5113d7b9ce7b5c0565b1
cdn-cache: REVALIDATED
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3CxxcXqNDhPkni4pYeDDx8si8X1L1sxLwOjo8ypN%2BTV2AsRucEHNQh9FDpZ93cQ%2BREvdu%2FUK8AlLv9OLQxQ6qeqJkS2aOZPEapUrkJtU3sxBGFS%2BUBZUdvrQZO9i9HBWiHzpLbb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe905aacfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/template.css?ver=6.0.16

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/template.css?ver=6.0.16
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/template.css?ver=6.0.16 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 28 Sep 2021 15:33:03 GMT
link: <https://afcintl.com:443/wp-content/plugins/woo-product-table-pro/css/template.css?ver=6.0.16>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 9d521e427f5b61d4bdcbece3eac5106f
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3n84zfbNJ%2FyptSNf1z%2FrmjG8y%2Bsl9Xn2Em%2FCCznd0B3WTIcUuTvHgdLpesiXcg1AQdAjh415nSPaG%2BDHprxmuAfIkvdll3qVTyf0BZikUSAGd6ftmXipsC5tZmiK9NEOTQrrPYwF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cef8afac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Fri, 30 Sep 2022 05:22:14 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/select2.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/23/2022 05:22:14
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: dd5351b9e7f7861f07bde51ffbcbfe4d
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpB82FMmkdbPfobIh7zb5co89R6IG%2F0jUc39hGbxXPMtVNYdT9rYchw0U3FAkuMLTQWvbO%2BhgaIOu23G4t49awyZvU7y31nur5heNxAkRq1vstx%2FNbv%2FVJyJXN1KeJTadmrZpR0H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7a8b9fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 1a60afaf0f28eb6cdb698938ae982290
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2F%2BFNlFgIzweguZxulaEZw89N0o2wrJN09UBtu4bEdOD6X7uMNRokLe%2FLwcnMQiZulM9mPpcAnOHLtZdnTsH8WWdpeYcEpParY9BwRVLO6qFlmEtRkmBMmXf4tT0OAvxYoSagCc4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb84936fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe-ui-default.min.js?ver=4.1.1-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 61aa34c3db9e9124092d8dbaaa178c92
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nd6MbRpEMr2G3CThtlDxvsranB9f9TnziYriDWZ9VWpDlUpRyUPww8jbM7z3RPSJHCMIkB6OlCGT7pppUlE5TpJe5BmrJepYhmICjLHdn%2FqfhMEXcEiC9mcpHuWzc5WCDmlpFFds"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906ac5fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 07:25:33 GMT
last-modified: Tue, 13 Sep 2022 19:36:51 GMT
link: <https://afcintl.com:443/wp-content/plugins/ajax-search-for-woocommerce/assets/js/search.min.js?ver=1.19.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 07:25:33
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: 068176fd782f4ab3d1e78b1329d85784
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwA6tluWQw%2Fi5eRo6h3Sg20MjmbOG7X1BHfxNkbLYvXep8Db%2BazBgFjl%2BobgI3vVD9x%2FmRZEklVaDXO6qiCqTPIzg60ahapqFQJeivBqZlo0gPo810wv1NI7RSaKtui9M9rZJF4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b988fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:26 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Mon, 13 Jun 2022 14:29:23 GMT
link: <https://afcintl.com:443/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.1>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: d94171728358511692514385fb96fd0d
cdn-cache: REVALIDATED
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecugzJaWpKTVl2qn6TYM3XGFvpOQuJlxxXyKlEfNXvP2sGEHLunnNAJKjK57vLyz2UxcDdzu3kwGi5hbe%2Bu4HVXHI4zerSO2Z5IbRR1nq6Q%2BEAw0hiG2RnWZT3qUg0mEOjJaF9S5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe905aa1fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 11:25:53 GMT
last-modified: Wed, 02 Mar 2022 18:53:37 GMT
link: <https://afcintl.com:443/wp-content/plugins/gp-premium/general/js/smooth-scroll.min.js?ver=2.1.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:54
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: fd23f2003885418a349698b36dfec1cb
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46IZs%2BlYfhnKGakA7CuRYUVBSN4Ppo6HdDzecwEy4UmBEY2nVOSIqdEjEqo%2B1qh9FmoWlh6aEdMJ4hocDaMGSnwjMZXlLRO0RRe9oWefRjLXfj3IHfCJH0GfOx97Ky3r7tLulWAM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8492efac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 07:25:33 GMT
last-modified: Tue, 13 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.4.01>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 07:25:33
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: dba9826553d1a20695e61764e0fdec8c
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1cKmsDN0nPFNwye1ht4%2F0tNvsorACbPIMHnQyKgBrN9tfEVnPdHe7XV9YOeTVo4804kP432HrY%2Fh5XKJkqCAOv6nstnbblodRlDpYwUulB06cTgrqgSyg6%2FMqMyIy44fgarnofm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb87961fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:56 GMT
last-modified: Tue, 28 Sep 2021 15:33:03 GMT
link: <https://afcintl.com:443/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 5a9612d92df1c196026efdbc4f630bac
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9nFZgsDcdmuLGNHXhhm65dXf8dY927upDb8ipBDK6bqso3v1JUr73K%2B8diJ6CRxxcXj2id9EQlYPgiUV7HQ8XTRagIyN5JrlD%2BjYE12R8BMP7EBGkhAUBh5j2ALr3N5XUw7UHgGO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b985fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 22:56:58 GMT
last-modified: Mon, 13 Jun 2022 14:29:24 GMT
link: <https://afcintl.com:443/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 22:56:58
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: a79ccc707291f2bd2814a5726081518f
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4e8ptXXbAZyVJ525uxHZZZZ5AKXDxr4f%2FuNNoCpkFobvhmq%2Fieuw8LyYHMPTmotnfz7GKsWfsaLqULQPklKtP%2BAb7QBezcvcX%2Fh4m1aqhDW7kT6i8DpKJltv10097R%2Bpt8pi2wf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe904a8ffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 4b3c6896b4c51290c9b6ded9db1179b6
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hAHMvCMQlE9puDXVM4XUBW%2BhvWkKAIIplHBDfrNv8GD8LjsxxoeN8bCNcdEssmFWaYQLOrYgem19eTDsDT0CfsqGsCGEybpy5drwvbgNMpmF5A8d7vZAAebJc%2Bb8h6u5F2Iz9EN%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb78899fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:56 GMT
last-modified: Thu, 01 Sep 2022 19:38:25 GMT
link: <https://afcintl.com:443/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: c67860de4cb8e61bd0c5572a10a1671e
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZa4lBiU6asj5SFJzwpkD%2FuuusUQb%2FZ1rwGAgPlCnOVVlvuGcvb%2B3yhfcZIkjV%2BpGahFB0kMroIrKU%2BB2EKGSamHV5KY07TQ75SR8Ul0VH3%2BLdBx3xfOxfCNOcqZskEiOOCeSjzU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8291ffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 03:47:17 GMT
last-modified: Tue, 06 Sep 2022 19:36:48 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce-gateway-stripe/assets/js/stripe.min.js?ver=6.7.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/18/2022 03:47:17
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: c61755f20666c40ca097d1d1a5a64a69
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhbaLDLDL5V6YBj1nFX2X3tYxC0gSHgOr3PAdwEePnTslwzTdDY0NCJ6I0tio5IKRtlhAe6Z0V3dGQ9MpQVaY7D4ELee8FuESho3CgXURCP3StSWHby0Ntb5GSw0J3%2BDjCra4NOM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe908aeafac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 06 Sep 2022 19:36:48 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce-gateway-stripe/assets/css/stripe-styles.css?ver=6.7.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: ffe7b5e440d8a65347adb471f95ca2b6
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FL8jGLJhKrzbFGp4YtorTjNv2tOYfH49ibX9Yk8piNBpubMol1yLs%2BhGYzujkJt8O841sym6mNUsDU1CRoj%2F5pcKIzf760sMPP%2B9ipK4dwzRkYGvVyXIE9OHKPMgY6kYVD63MDw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb798a7fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 04 Oct 2022 09:53:24 GMT
last-modified: Mon, 26 Sep 2022 19:36:52 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/select2/select2.full.min.js?ver=4.0.3-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/27/2022 09:53:25
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 705ae7a388521fcdea09f582d12a452b
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYZc8E%2BUajhkZ4y9Agnf6bLYExOSUDQzmPXxJ0d4GmF7B1dBHLzTvO3krcsdOOniMT2SlUV5vJKNuBT8ljwosQPH4DXWFrMbv4rU%2F2cOb8MHT9JW3E%2BgXioSfiaNICdNmTYQ6GgR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8b986fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 27 Sep 2022 14:43:27 GMT
last-modified: Thu, 15 Sep 2022 19:37:07 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/20/2022 14:43:28
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: 2b4fbd3630be7b0d41f64ab1b5986c78
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pP4WrjG0T%2FrM%2FWc2ECsLk0X5GRNZQ1%2BoPBCCpwQIb6y%2BRL0IspMmZh9TfJQOJQlX2pyyUn03HlZ7NAJ%2FQZZwr23aT%2FRbTCtWnn6D47NiltDdxqZFDNK7bxMqITVp59g7XQRZJPyB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907acffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 793265c7756483bd88e7540ca5c4007e
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lsui38ZmG0Bj4W2OHfonhNE91ZpHqIbgewH6ksdDikh%2B81J7LdOFJgEO8igqNt1BCeBQmCrRkxuZ%2BxxJmeNTRQwXyJ6ldZXhSbYrhbElyM%2FB7ZMqX34rd7IpBvy8UrN%2B6PWilM7L"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906abffac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 08:23:13 GMT
last-modified: Mon, 13 Jun 2022 14:29:24 GMT
link: <https://afcintl.com:443/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 08:23:14
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: f1261a29c379255564c531a216d4e368
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P5MluOevNMZAQWSXf9N07OC5G9aDiMNqhMDA0gGHfQy4nR0IKg7yUE4X%2FiXNV4YWatxohUX%2BX5TKnLK4VfuJTYujLV1%2FbLnrv2KRiPrZPAn0WFCD0nW%2FA8d303OupdUz6M7%2FI7b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe904a9dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: d9575e9e32f9edc0c2e72bb2d00ee4f1
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc%2FpBw9v4SoJeNRTlrnKve6Jx5wEjvSMCeLFrUsVewWjrIql3h3tBUlQOS75DbCgoKkLqI9vjOR5p3xPW%2BNgYjhxxGpEa6j%2BLZU18Qca6a2ta6gm8mmnpxqy2RmRX4ttHqECbksx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe906ac3fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/flexslider/jquery.flexslider.min.js?ver=2.7.2-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 793265c7756483bd88e7540ca5c4007e
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sF0z2Je4h2Aez%2FigvI%2B2h5lWKi8UVy3upgpOEbsq1szk67lrJtPuvIi3KMXkdgr0OpmxJJ%2FPL4%2BldD3FxNwHFP%2F%2FG2jiyuoLCHObnogjIYI8qkcxYSGRFVWoaY1UaZSh%2FVGE89xQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb84931fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 083128acc8da2e595b3949688f647e25
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ga03tQYTbH7gZa7OmwqUrWze3S5sfzHGYqTJXNEVRVeaNwEsJZ5ppveNy4G3xvy%2FB31iK3y7OUvHWCrw9bOv0gqNw2rKhTTgeZegT8aMGATpnDlB%2BUVwwXW8RRw5aPnu7OpU17ER"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb8593cfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:11 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 9a3933eaa1dcfb22720a80634f4515b8
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1HsLUJNMdAtalqLc3UTgprZ%2B96jQCklXrWLUT%2F5cG0k%2BYxMZvuXHcHNM0HNnDRbQk0K0RoKoOmEHcBo2te5IXN6WJ9AwjF%2BHEHfOIeaDvAoUtijmvlDpKTMKHLyQ8qB0gi29AGE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8ccf68fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Thu, 01 Sep 2022 19:38:25 GMT
link: <https://afcintl.com:443/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:54
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: d90fcb510e4529139e6d77d42c10ab26
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3zxd93qbJJTPTi%2FXvz6bEIBXya8ji2TbpInn8eqMMOi0nHp%2BEaxGmdALsgcRKFOLi%2B0hozF96bXZ9FYQhYGqIQRkQKMftR9Jghkw2pA7MQ0VMDb2mINL1LvMwWRE8ocy%2FOv15yn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8ccf65fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 12 Jul 2022 19:36:49 GMT
link: <https://afcintl.com:443/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: d9542260bade43d79803745fe720a678
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmphfKfDSsc%2FB%2BQRfxurCIoXkaAS%2Btux2pq20zTPHsYhAPr9uACFq9JFdwSI%2BCIQrEsz6K3gUZ3PANhkYZQvI%2FNIiF0cdNjS0TIPRt4BJ%2FKwIB21%2FAttKte5lwmETwGh3e1%2F1v5m"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb7183afac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:31 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 28 Sep 2021 15:33:03 GMT
link: <https://afcintl.com:443/wp-content/plugins/woo-product-table-pro/css/universal.css?ver=6.0.16>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: e9276a8c1d09a2c9270346bedd23a817
cdn-cache: HIT
cf-cache-status: HIT
age: 6
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3ZdTiOAyxF7uACSAKMrQcLc6dWjNlwvefqiSJUT5XH9Hvziy4zGoPzl7FR3dRERsaKlp3p6UuD8HDoy52UowpXyvg0xlGzHdiX4Cm%2Frq2BFt3EraAt8ej0fsetgkvhjo7%2FOR1QL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb798aafac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 3bacf6a6b736e918b66a7f4d622457e2
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SV5Dp7xn5C9QNt9R1Jgr0x%2BeKQyL2KhwgpEualwizxxjJEPH5upcUOYRumJw0m48j2HqwkzkKDTWho8grgI3caREDDvIVqyrZb8TI%2B%2B9tukrgnA0QfS2Ry16AZh9evdbvDrKY9s%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb87960fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Tue, 23 Aug 2022 07:39:12 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: 6194db36547e7c995d87e19423f09d98
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBlPfNJZBN0Gi0yWXe2yNKKSRfB%2B8dTErn0LrCGWYF9CADfzJPku2y8WAAkhaT3DUyGLeGKFwe%2FVutvpTOs3xXz9AVeMZ0oK11seywFZZtX1MXSspGbtcLm9OFYpV5GpPz%2F3HPqx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8ccf63fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Tue, 20 Sep 2022 05:44:56 GMT
last-modified: Tue, 28 Sep 2021 15:33:03 GMT
link: <https://afcintl.com:443/wp-content/plugins/woo-product-table-pro/js/custom.js?ver=6.0.16>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:56
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 5a9612d92df1c196026efdbc4f630bac
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BsuOHce6h%2F9azFIZ0CffZSFyla33o4be%2Fre16%2F%2F3cBk1avQETdOQ1mKGl9eNL5ZzFyKFi8Ko6aqc1DVwzmVEBN3wadtOpi%2BdsvlYN9mrwyurbDwKcAse9uOpqDl2mV3ckhq2J34"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe908aecfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 22:56:58 GMT
last-modified: Mon, 29 Aug 2022 19:37:07 GMT
link: <https://afcintl.com:443/wp-content/plugins/flexible-shipping-ups/vendor_prefixed/wpdesk/wp-woocommerce-shipping/assets/js/notices.min.js?ver=14>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 22:56:58
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: ff28e017e28830fb96667c53b42c2980
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fGEYSdxhQJGXWvM6eKmgKMnNj9d5%2FVFtVxmB%2FhOEBq8mjyIS4jDfxspwF5TOCFyl0xnSfw1H%2Fp6ViEBBsUhlXj0oHrONrUry0kL%2BKNqk6JwSOKadJDfH9b16a26T%2FmP9V6cMbMKM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907ae5fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://afcintl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: d9575e9e32f9edc0c2e72bb2d00ee4f1
cdn-cache: HIT
cf-cache-status: HIT
age: 7
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWs1BEg3VPGzwCQ7noZPubSfAICLp9QCT3iqqZMzUxve9r15QSvTd52uQp4%2F4rPv3f314fT3ubVSqpnmPQ9LSqbLG1Aw2AqBWGmkcdFaJHaD%2Ff7diHiy1%2B9qpVbPurbyHRiwZE8B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514feb84932fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 11:25:52 GMT
last-modified: Tue, 12 Jul 2022 19:36:49 GMT
link: <https://afcintl.com:443/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 11:25:53
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: d9542260bade43d79803745fe720a678
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iVOMeA7X3n%2Bt1zq05d0GVlbYvoc%2F7rOOxji%2FAXTP858owbnywvjvLSyVT%2FX0vED9Z9AYQ6IQWgHyH1bcoxvhTucZCU4QlGZQcdJyGWvcpDVsijajdl2P5Sdq30IoCDKZLb2acQ6c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8ccf5dfac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-a/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: text/css
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
expires: Tue, 20 Sep 2022 05:44:54 GMT
last-modified: Wed, 09 Mar 2022 19:57:01 GMT
link: <https://afcintl.com:443/wp-content/themes/generatepress/assets/css/components/widget-areas.min.css?ver=3.1.3>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: success
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/13/2022 05:44:55
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 4b3c6896b4c51290c9b6ded9db1179b6
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BiVGaFJ0trrQ9NF6PuV1p6sPm7vuy9K5yeWsjBn0ljuxxeVB9wkXMQRfFMHuDJXzLulAlDWLkS%2Foodmv%2BZp6E%2FAW5UXiYdGtquJbc3NEgS3ttkBzwK3WpahjSuz5sXFyGCPQmHI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe8cdf77fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2

104.26.13.183

200 OK

0 B

URL HTTP/2
cfb.rabbitloader.xyz/55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP
104.26.13.183:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /55rhwqil/rls.ri3tp0-nw-i/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: cfb.rabbitloader.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afcintl.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 27 Sep 2022 14:40:25 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-pullzone: 679510
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=604800
expires: Sun, 02 Oct 2022 10:00:56 GMT
last-modified: Tue, 20 Sep 2022 19:37:50 GMT
link: <https://afcintl.com:443/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2>; rel='canonical'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=86400; preload
x-rl-compression: skipped
x-turbo-charged-by: LiteSpeed
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/25/2022 10:00:56
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 3bacf6a6b736e918b66a7f4d622457e2
cdn-cache: HIT
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99mx5qKvn6iREp8Ug97f3COM%2FhvfUWOS%2F%2B1GTeUn2ZkYN%2FpkdR%2BzCk65nykQkqIUUvh5avrnPJRDE9lKgBRokVkQLyE3vsKYzkY0lKITHTOvpPgG9Uw0LBhjM6yDvK5WKaP3cs5A"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7514fe907ad1fac4-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (109)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size