r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5421
Expires: Thu, 24 Nov 2022 17:18:12 GMT
Date: Thu, 24 Nov 2022 15:47:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1612
Cache-Control: max-age=155412
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:51 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:58:03 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 15:17:18 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1833
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7824
Expires: Thu, 24 Nov 2022 17:58:15 GMT
Date: Thu, 24 Nov 2022 15:47:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8ksTlHj7Y6YLHZ3Q8KaMVSez+yx6cq/demL1njg//2M0jCFoUztAGwZdrLhMQnSWD9xz0ydOz80=
x-amz-request-id: 0B8E4JPDK8H8NV3X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 15:43:27 GMT
age: 264
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 15:47:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 15:11:11 GMT
cache-control: public,max-age=3600
age: 2201
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 796
Cache-Control: max-age=149533
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:52 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:20:05 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
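Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty, 0-byte body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of the empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of the empty body; these three values match every zero-length response and do not identify this host)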
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4ESD6+opaY0xAmjj0m3qaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Q8Vw5q3yOI19EzIwPUJOvP7vtvw=
zafarr.com/
162.241.7.200 301 Moved Permanently 0 B IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
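Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty, 0-byte body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of the empty body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of the empty body; these three values match every zero-length response and do not identify this host)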
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 15:47:52 GMT
Server: Apache
X-LiteSpeed-Tag: e80_HTTP.200,e80_HTTP.301
X-Redirect-By: WordPress
Set-Cookie: yay_currency_widget=11529; expires=Sat, 24-Dec-2022 15:47:53 GMT; Max-Age=2592000; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://zafarr.com/
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11134
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11134
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11134
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:47:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11133
Expires: Thu, 24 Nov 2022 18:53:27 GMT
Date: Thu, 24 Nov 2022 15:47:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 30827
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 64687
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 63840
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 64234
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 30752
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 64848
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
polyfill.io/v3/polyfill.min.js?features=ResizeObserver%2CMutationObserver&ver=2.1.1
151.101.129.26 200 OK 94 B URL HTTP/2 polyfill.io/v3/polyfill.min.js?features=ResizeObserver%2CMutationObserver&ver=2.1.1
IP 151.101.129.26:0
Hash eb8b0ba88b3acfb11ea81d5c02be9108
4b7f14cc2db25abdbe25472934b7469b2488f9d4
7237f15a97fe102c6ed13eadc0f7980da03cd06a20dfb7c7b8050e60dada617d
GET /v3/polyfill.min.js?features=ResizeObserver%2CMutationObserver&ver=2.1.1 HTTP/1.1
Host: polyfill.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
content-type: text/javascript; charset=utf-8
last-modified: Fri, 18 Nov 2022 10:54:36 GMT
content-encoding: br
age: 0
accept-ranges: bytes
useragent_normaliser: firefox/105.0.0
date: Thu, 24 Nov 2022 15:47:55 GMT
vary: User-Agent, Accept-Encoding
server-timing: cache-bma1662, PASS, fastly;desc="Edge time";dur=10
content-length: 94
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/elementor/css/post-6.css?ver=1660899265
162.241.7.200 200 OK 1.5 kB URL HTTP/2 zafarr.com/wp-content/uploads/elementor/css/post-6.css?ver=1660899265
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1513), with no line terminators
Hash aedf6d6fbc9178365b36da3aee9e695b
5a195a8a52d15371290c060ab117762ab0178236
316b2bd4b2076a49f8c97e6020d83af4662862c22b12a6f0af4d89e043b9dd27
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-6.css?ver=1660899265 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 08:54:25 GMT
accept-ranges: bytes
content-length: 1513
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/css/classic-themes.min.css?ver=1
162.241.7.200 200 OK 217 B URL HTTP/2 zafarr.com/wp-includes/css/classic-themes.min.css?ver=1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:19:12 GMT
accept-ranges: bytes
content-length: 217
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/css/add-to-cart.css?ver=2.1.1
162.241.7.200 200 OK 3.5 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/css/add-to-cart.css?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3461)
Hash 948ca811f79f440c40f9f80617d13d3a
bb4d106b82a4c1df8ba99ec63a51a3cb5db9cb9a
bbfbe905f24ceb76e79ccc2e4bcb9614fc100f31f21e0e0cb73bbb3bfe327a68
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/css/add-to-cart.css?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 3462
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/blocks/style.css?ver=1660821195
162.241.7.200 200 OK 3.2 kB URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/blocks/style.css?ver=1660821195
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 41c4011f46685c0d360a571b32f250b3
053f8362ba218b7d9a914ba63a7475f6390645c6
546187cc987a1907a0bedbd1e5be252b5215b64f167939b74c100f8582454e30
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/blocks/style.css?ver=1660821195 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 3179
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
162.241.7.200 200 OK 2.6 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2630), with no line terminators
Hash eade318fbed91c096467dffa56406638
69d306a2097e792f99c80a5e0bb8863260399cad
d589803f3ab380582ab137b22493c2bacaa92424fa88cee212e80288cac11fbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/jquery.selectBox.css?ver=1.2.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:15 GMT
accept-ranges: bytes
content-length: 2630
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0
162.241.7.200 200 OK 1.2 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 0d9a78ea8eb5628bd56257dcfa5ddfac
2c6b7f6986898b91dcf52ca4e065896e6e64ba78
524514fa650d43d20113f98fb44b05d08d9913a1362b11ae02f3d734799b988e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-deals/assets/css/tawc-deals.css?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:23:08 GMT
accept-ranges: bytes
content-length: 1177
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9
162.241.7.200 200 OK 776 B URL HTTP/2 zafarr.com/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a5bf64d5859ee94a3e8e93d592d6d2a0
049eb63b42dbb820b06870a430f523bf06880721
25825611ade7ceaed7df3862ec56dc91ad1d2be539966ef7bbe84306e51cfb08
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.9 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Mar 2022 06:04:56 GMT
accept-ranges: bytes
content-length: 776
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
162.241.7.200 200 OK 2.7 kB URL HTTP/2 zafarr.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e6fae855021a88a0067fcc58121c594f
6299ac3987b5e81725781799dad361d19ac3b99d
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:12 GMT
accept-ranges: bytes
content-length: 2731
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/thickbox/thickbox.css?ver=6.1.1
162.241.7.200 200 OK 2.7 kB URL HTTP/2 zafarr.com/wp-includes/js/thickbox/thickbox.css?ver=6.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 37faeb50ef52da086e0f8c2c289e66d4
3b273af579e5e5fa7c276c32028abd6df566a995
b390a3efe231d9f38b3a706a5765a2a2f0817e761f60a27556171e9a276980e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/thickbox/thickbox.css?ver=6.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Oct 2020 02:25:09 GMT
accept-ranges: bytes
content-length: 2659
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
162.241.7.200 200 OK 4.9 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 4933
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.5
162.241.7.200 200 OK 2.1 kB URL HTTP/2 zafarr.com/wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.5
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 96869a165bce91ec071822df7022697c
d2da847c9734a50f73836f98ac62237ffcfb83f3
dadb4e80b981be80b2657b58ee143dbdd7aa933fe567f2cc9d57a2db3be3be95
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/email-subscribers/lite/public/css/email-subscribers-public.css?ver=5.4.5 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 05:08:01 GMT
accept-ranges: bytes
content-length: 2141
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/notices/assets/css/frontend-notices.css?ver=2.1.1
162.241.7.200 200 OK 1.9 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/notices/assets/css/frontend-notices.css?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1917)
Hash 2597a62581d2716ff4f286c1345b6f21
f696a87d26152c4880c2aa84ba996d63089c269b
95c26f844e4d6b19fcd07085388d5c40d5525d1759175461096fd8b28fec06b0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/notices/assets/css/frontend-notices.css?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 1918
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/payment-gateway-stripe-and-woocommerce-integration/assets/css/eh-style.css?ver=3.7.3
162.241.7.200 200 OK 1.6 kB URL HTTP/2 zafarr.com/wp-content/plugins/payment-gateway-stripe-and-woocommerce-integration/assets/css/eh-style.css?ver=3.7.3
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3b322af8b1ce7fdefd4647d2b878d0fe
c254d7ffd1c9db846e4eba5ba1ad26271214f650
c774b276cb24d9485d9cc8cccbe8ceff2fb3666863ab3a5333840ccef5eb15d1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/payment-gateway-stripe-and-woocommerce-integration/assets/css/eh-style.css?ver=3.7.3 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 07:40:06 GMT
accept-ranges: bytes
content-length: 1587
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128
162.241.7.200 200 OK 2.4 kB URL HTTP/2 zafarr.com/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 1533f310ad5d520665690a846a761471
672a0b5a67dd29ca53abdbcd63ec23cf7eabf133
b1ab957b283939475db752c5e77405daf551d6a755be2458e7cb24026665c444
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/css/frontend.css?ver=20171128 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:23:08 GMT
accept-ranges: bytes
content-length: 2381
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/css/farmartIcon.css?ver=1.0.0
162.241.7.200 200 OK 2.5 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/css/farmartIcon.css?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash a60488f25de94d2879f9200d4d22116b
7f468a2ecf312d88709780858e6cebc1e272802e
4d0e2eda48c4aac7feddbfd2d6e0f196adbfe83b702d0af96d9c1a7c59a08421
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/css/farmartIcon.css?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 2456
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
162.241.7.200 200 OK 669 B URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (483)
Hash 9eb2d3c87feb6bb2ffa63b70532b1477
38f226335a05ab0e30497bc7419eb5e243a9e26c
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 669
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
162.241.7.200 200 OK 677 B URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (491)
Hash 3eef8c9e589a6fd58292e79bbac4ba5d
d3ebdb629b8d9c92380b14b1676b123398f0841b
eea3d6ccda7f6503078cce9dc41176c1357af1c93a5b3625131ef7cf21c9d7c4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 677
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
162.241.7.200 200 OK 675 B URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (489)
Hash 144e43c3b3d8ea5b278c062c202c92f2
3c037057a419245849747b4762d09d88cab66fc1
9cd63b8cea25045c14623c538d26752518a58c0c682795ce6ad3078976c65a37
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 675
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.ajaxqueue-min.js?ver=2.1.1
162.241.7.200 200 OK 542 B URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.ajaxqueue-min.js?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (542), with no line terminators
Hash 09c88c20d386a5b5c3faaf49613b5cd3
ad3d50b48210b1c96f91609d4f686d67eb89bbce
63bf574ae05d5b3396f813afbfa8da15bc707407b7229757af411d9c87ae576f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.ajaxqueue-min.js?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 542
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.241.7.200 200 OK 19 kB URL HTTP/2 zafarr.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 06:21:17 GMT
accept-ranges: bytes
content-length: 18617
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
162.241.7.200 200 OK 3.8 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 9c6b63558e5de592c160563dbe08dd0d
e4969ab55cc566759623f6b4e1c7d6b3bcdc21cd
14a77bc82e039ce4be0d9ba9b0237495b0a9578d34eb92d444093d440f6190ba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/css/colorbox.css?ver=1.4.21 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:13 GMT
accept-ranges: bytes
content-length: 3812
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
162.241.7.200 200 OK 1.8 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 1834
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2
162.241.7.200 200 OK 3.3 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3287), with no line terminators
Hash e65cbce40458e232c2d8c7661dfeab7a
9aea5882139ac04bc182d376c34ac6c6e9b95842
8bdb4e5d2066e5a29a162cee6b418adeb546ce98025ab4741107dfaa8485415f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/photoswipe.min.css?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 3287
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.5
162.241.7.200 200 OK 6.0 kB URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.5
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4b210e69c231573b89782df15baff4ef
7f9246cbdfac48cfc64a3d45ed8070d4601bae69
c5a8c699b32432d5d2a3dc3d1dd8e7e1ef36456ceccdc9d6805564af13c21374
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.5 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 5976
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
162.241.7.200 200 OK 2.9 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 2938
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
162.241.7.200 200 OK 3.0 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 4e544022235ced14996464116a9ed9b2
31ee19d95973124b812a22c5ff5944d5b5bf8147
4ef2d5b0ef62523af87f3e13d8061449b2ddbfce07064f26b1305084abbf18f1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 3037
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/vendors/bodyScrollLock-min.js?ver=2.6.8
162.241.7.200 200 OK 5.1 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/vendors/bodyScrollLock-min.js?ver=2.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5115), with no line terminators
Hash 2e3a078e3a8726d03066df9db8d5e3e2
5ffaf5f2287e89307b7b0fd578cd6dc4a643cca5
87c47a8067372bc79687c7e6323d3dba9eb1b546b9db382ef0e9aa3685722d28
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/public/assets/vendors/bodyScrollLock-min.js?ver=2.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 5115
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6
162.241.7.200 200 OK 9.3 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9281), with no line terminators
Hash 57a347480fbe0b3d235993f4f1ec3b2c
ec01673e887c236765156496c7d00111238554d8
9097a2c579616889e829be95554ebf90ec5900045f4d2282cce31d5a999acc03
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/prettyPhoto.css?ver=3.1.6 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 9281
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/css/magnific-popup.css?ver=2.0
162.241.7.200 200 OK 7.6 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/css/magnific-popup.css?ver=2.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3d3d09fa0e8a1552510bc7e04768fa5d
fa787d1657c2822ecac29a1e776fafd8ec81a200
c818c0a9e616b3374b259292423ee0daed55d61034698170030b6b39178c9214
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/css/magnific-popup.css?ver=2.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 7635
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2
162.241.7.200 200 OK 7.9 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7887), with no line terminators
Hash e9832bf9ac8e609f5ece62974257220d
feb78d4ff80fd84163c98a67ded3ad06ef7bacb9
0070e220521a6a69cb33f7da37bd5c1aa7e76d0865fb9cdba6672eb5ba50e425
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/css/photoswipe/default-skin/default-skin.min.css?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 7887
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/elementor/css/post-8516.css?ver=1662097326
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/uploads/elementor/css/post-8516.css?ver=1662097326
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12223), with no line terminators
Hash a0a4aaab68938ba572af68f775cd6be7
bc1c8c037abb8f97ec51d276e25d6a8a9b5b4610
b3a52fa00f441cbb01e3ae7c230a75443564ea4b823e18a1f557842f6932eb3e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-8516.css?ver=1662097326 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 05:42:06 GMT
accept-ranges: bytes
content-length: 12223
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/elementor/css/post-7587.css?ver=1662627319
162.241.7.200 200 OK 10 kB URL HTTP/2 zafarr.com/wp-content/uploads/elementor/css/post-7587.css?ver=1662627319
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9979), with no line terminators
Hash 5bdd8d61202ef9a27f4735c79e5d52e1
da335a50bc38972f3df0770a2b69cd101e8da99f
953cf4526bcb8ab9c530c9bba69cb70523723140e1bb2ce6c887093d884d4e82
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-7587.css?ver=1662627319 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 08:55:19 GMT
accept-ranges: bytes
content-length: 9979
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
162.241.7.200 200 OK 9.5 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9115)
Hash a5451283952efd5df49466bbeace6911
dce405842471c303c3d8fd6fa3c084aa56a71029
f4e38e5ef16efe51836cf7142412b8e1aa8b73ce89afed23be0cf77dfd8e095d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 9509
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/customizer/controls/xt_icons/css/xt-icons.css?ver=2.1.1
162.241.7.200 200 OK 15 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/customizer/controls/xt_icons/css/xt-icons.css?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (14146)
Hash 6bbb5dc1dac9b4907719cf1e1ce588ef
a707edc8836ab2016d71cfa037f92b4ca648cec9
26a4d5b53c987f33f145b8619a049cc0f7ac5cd90a273bb88195bf478be5cc04
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/customizer/controls/xt_icons/css/xt-icons.css?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 14691
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.241.7.200 200 OK 11 kB URL HTTP/2 zafarr.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
content-length: 11224
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/js/add-to-cart-min.js?ver=2.1.1
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/js/add-to-cart-min.js?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11769), with no line terminators
Hash 902a2245eb7a533738c97bc9278e0f9f
6e0dd41584a4477daa5d600a17d7c1c14f049cc4
5f058eb02ba3cb1293d15b2fe4cbc65af97645c299c9ea202dd2a37e78ec47ca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/includes/modules/add-to-cart/assets/js/add-to-cart-min.js?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 11769
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11736)
Hash cf2bc7e2fd192b1429a1373769c63328
221f146300499fe8f9bec1a6c5aafb5229b9df85
f5d960626fb6e8582213dcc29e2ff005efe5706c9ee766584255b9c9d848b6b4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/widget-icon-list.min.css HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 11775
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/elementor/css/post-9879.css?ver=1661506185
162.241.7.200 200 OK 26 kB URL HTTP/2 zafarr.com/wp-content/uploads/elementor/css/post-9879.css?ver=1661506185
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7281)
Hash d8d16eddb51c6a7e6bbc7dba767ed22b
fb29661baf6174d9e8b0fe57a80098d3a5d5c050
fe01fb815a7a134c0caf393b532ba5d653f00bdeecc693c1dd9b015456a8ce12
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/post-9879.css?ver=1661506185 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 09:29:45 GMT
accept-ranges: bytes
content-length: 26168
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
162.241.7.200 200 OK 31 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30441)
Hash d3ec229e04c8634c88cc4cb3f2934c11
785cb4beecaad98329fff0a54f9a5536cda200ab
73835f9dd494931cd0562ab2d4db8aaf3d54dca375abade1794ad1a12ae0d97c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/font-awesome.css?ver=4.7.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:15 GMT
accept-ranges: bytes
content-length: 30603
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.touch-min.js?ver=2.1.1
162.241.7.200 200 OK 14 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.touch-min.js?ver=2.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13579), with no line terminators
Hash e1fb5d5aee5a08303550b52f30acd632
9037ae5c96c145d53b03a6b507eb2505f878d394
4d231e3f27140d1683925511519674cce216bb132a887cff75eb57b209001276
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/xt-framework/assets/js/jquery.touch-min.js?ver=2.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 13579
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.11.0
162.241.7.200 200 OK 29 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.11.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (29337), with no line terminators
Hash 4de6dfc6ff180e33262861a679d40546
8de11c7f99e413282baa349d11657ccd2c468d4f
3e61990964ebd31443be4e6598163ebd71b73b139c42d52547b8a290f7d059ca
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/css/style.css?ver=3.11.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:15 GMT
accept-ranges: bytes
content-length: 29337
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
162.241.7.200 200 OK 19 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19082)
Hash 50be31853049e4b4a10c277d5f95eb75
ac2dffc0c65ad6b209fedf2169d0c50eb4119a3e
b651d87ef113cba0c8ec8a33bfdb694171effeba56b20be12e3c77fc15f6ae9f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 19128
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/elementor/css/global.css?ver=1660899266
162.241.7.200 200 OK 16 kB URL HTTP/2 zafarr.com/wp-content/uploads/elementor/css/global.css?ver=1660899266
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6697)
Hash 0990805be886ecdb54e9e11996693409
8e8c191b9d6ebc5cd925d1b7e866378fc98e81c3
952ae832d88e1eaf0bba62638bc3fa0d862063d8d6ac3b2ece69f7e9204565a5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/elementor/css/global.css?ver=1660899266 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 08:54:26 GMT
accept-ranges: bytes
content-length: 15766
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/css/bootstrap.min.css?ver=3.3.7
162.241.7.200 200 OK 20 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/css/bootstrap.min.css?ver=3.3.7
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (18899)
Hash 1c31e51218b29125e690839d535206b9
62a038820569b500c7d83ca5ddf33d308eebf34b
35f9269b8dbc71c2f1a80ae0248c8717ab58e438de1f961cea2ac611c4f26dde
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/css/bootstrap.min.css?ver=3.3.7 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 19450
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
162.241.7.200 200 OK 30 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30283), with no line terminators
Hash d942a12c644c208f99aeaa5fc0914d92
3f9e011aec544347fbf476cc9f944679de65d35e
73b2fdcf25aa909c7b0f072cf791066350ab834ca1d0d01ef096bb5583318213
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/responsive.css?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 30283
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1651753294
162.241.7.200 200 OK 43 kB URL HTTP/2 zafarr.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1651753294
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (42899), with no line terminators
Hash 6081ff2a57a07c85157bd87059682957
50225f4975b00220be6bbc01c8cc0fc9d8b9bee3
c73dacfb85e2b4cd3a8f5450c907f5a553742d2de23dcc07253ec49843d511c5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1651753294 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 09:22:16 GMT
accept-ranges: bytes
content-length: 42899
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/css/dashicons.min.css?ver=6.1.1
162.241.7.200 200 OK 59 kB URL HTTP/2 zafarr.com/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
accept-ranges: bytes
content-length: 59016
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9
162.241.7.200 200 OK 76 kB URL HTTP/2 zafarr.com/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 2395c81e72a52f14588816b4f72a7f17
711357e8d49c28be7605fcfbf881b90567decee1
ea14d1b1233e6cbc9b1a156ac532f076f7adafc309726fca7bf8833f882ac872
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.9 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Mar 2022 06:04:56 GMT
accept-ranges: bytes
content-length: 75684
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.241.7.200 200 OK 90 kB URL HTTP/2 zafarr.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 89684
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.241.7.200 200 OK 95 kB URL HTTP/2 zafarr.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 94889
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
162.241.7.200 200 OK 108 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65497)
Size 108 kB (107993 bytes)
Hash 4c3923551e9eca7e76a2f0269237ca61
41f6faea2dee3469d09878909b1fb3900872bdb9
5ba9e11db2bb2cd2b62b8502db6465fbc5f6ce1a490705c05692354f52d5a576
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 107993
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/css/frontend.css?ver=2.6.8
162.241.7.200 200 OK 111 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/css/frontend.css?ver=2.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 111 kB (111206 bytes)
Hash ea70b08cb77986587cf2beec823a0147
1004c447efdc70e552f9e795237dc332027e645a
9c8619d95e73df5b2be45a77425e2cdf2f526bf750fd2a4f8284546c869ff734
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/public/assets/css/frontend.css?ver=2.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 111206
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
162.241.7.200 200 OK 120 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 120 kB (120523 bytes)
Hash fcabad2a10da2d2b03619f2ac4fa0d5c
307f623c875369bcccb565461c025363da927fd0
8eb8669e3beac58d8a5ecba69cb681604fbd75d837df8d7e332d173f2d36c142
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 120523
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
162.241.7.200 200 OK 210 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 210 kB (209867 bytes)
Hash b14e0a53861ed03f5d857154b373311c
7f6e0d751442277366d15425c64ee4c31752037c
f3ddaf2e45a19650e8f47a163e4955e467e74803f6d20c3dbde53ce96dbdd476
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 209867
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/woocommerce.css?ver=20220204
162.241.7.200 200 OK 195 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/woocommerce.css?ver=20220204
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 195 kB (194992 bytes)
Hash 1c7640e0a38e6c36b556ae05bba28cbd
b810b78e1a4b5891bab2f504b47e862b6a7f4160
fcfd769d93c962d7dc98b001dd67f924e117e728cbc7e997bd538dfeedf17619
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/woocommerce.css?ver=20220204 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 09:21:36 GMT
accept-ranges: bytes
content-length: 194992
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/style.css?ver=20220304
162.241.7.200 200 OK 412 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/style.css?ver=20220304
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 412 kB (411485 bytes)
Hash 12bf92d41b89f0a9a09014ca6be20c6e
090ebfba3d85cb804b57a96155b2a47188d1f50c
4178e0f0e19fd461d3e9f66e061e3918d763a08f0571b8df81c6fee41a5fb80b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/style.css?ver=20220304 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 25 Aug 2022 04:19:55 GMT
accept-ranges: bytes
content-length: 411485
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
162.241.7.200 200 OK 445 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size 445 kB (444728 bytes)
Hash 66bc9d935c87faa5301a794686658f31
f0186636a3c4c951889c934afb047edb7868813a
f8e5f1eb63729ae89d67268474753a3fd85f8b29a8c3c8717f5cb2b966bf82d0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/css/widget-styles.css?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 444728
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/07/zafarr_logo_light-300x144.png
162.241.7.200 200 OK 17 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/07/zafarr_logo_light-300x144.png
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 300 x 144, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c51d3baccb82e4eae19533ee2cc5461
7f00922c90d4c158055e6ba62b53a4fce1ab62b3
a3c45fe903ccc8c2cd1b512f54314c8b4f64716817c109444b67832e1b5cb98e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/zafarr_logo_light-300x144.png HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 10:32:06 GMT
accept-ranges: bytes
content-length: 17191
content-type: image/png
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
162.241.7.200 200 OK 13 kB URL HTTP/2 zafarr.com/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (597)
Hash 7a575ed24e7c210825458efde43e5df6
b3085f9a4d5ad7627543570e5dff576b1df762d1
c0e09e793fb79507dc97ed702a4c2c9c00ab4d1677bd45bcd112e203c96dd661
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 13242
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
162.241.7.200 200 OK 15 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (14924), with no line terminators
Hash 157f18464a93eab7fb62a7f3e618ac2c
f47727e80d529d6e4941fea32f2e8a8ee5008b8a
9ed8f2a0e573467348e64fb1945eeac1698f32af9e9c723153eb7142d6a43306
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.selectBox.min.js?ver=1.2.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:15 GMT
accept-ranges: bytes
content-length: 14927
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
162.241.7.200 200 OK 21 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (21310), with no line terminators
Hash f3d7b1578081c9cf982cfbc29f514836
fdb6b04b917b9a1c72e3cf2da686c2584d3fd50f
c0f874276d38c6d9e43767d76a15de39506461b268a3cbf19fc8218f3ec8631a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/prettyPhoto/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 21310
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
162.241.7.200 200 OK 18 kB URL HTTP/2 zafarr.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 17823
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
162.241.7.200 200 OK 2.1 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 2139
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
162.241.7.200 200 OK 6.5 kB URL HTTP/2 zafarr.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 06:21:17 GMT
accept-ranges: bytes
content-length: 6475
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.5
162.241.7.200 200 OK 4.6 kB URL HTTP/2 zafarr.com/wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.5
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3ef50f309c3264761d5d9cef6ee28b52
a0d3c3515dbdbcd7b9a350ce3ab66d9646d7a72d
f0d756fbeb3274d62775e709e479063afa849c753728e5d356280ef1ffd6586d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/email-subscribers/lite/public/js/email-subscribers-public.js?ver=5.4.5 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Aug 2022 05:08:01 GMT
accept-ranges: bytes
content-length: 4551
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11827)
Hash 06a3b48689b0314af6c5da5b6ff27bfd
a98a815d90cba195409d39bd74d31b1e6f9dbf95
4cd7a0d2c9eb03966a0dc60658526c20fa4e8ee4a0660da469f55edaf9a18c9f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/jquery.colorbox-min.js?ver=1.4.21 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:13 GMT
accept-ranges: bytes
content-length: 11900
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2
162.241.7.200 200 OK 14 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13887), with no line terminators
Hash 86a395a95e5aef3b24c6cb6367893e79
61070479632011366e97cda53743872a6356744d
ddc53011e8c0788465983fa491db2d1f5bac6c8cffc49e344b717a3c8364e0fd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart-variation.min.js?ver=6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 13887
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/wp-util.min.js?ver=6.1.1
162.241.7.200 200 OK 1.4 kB URL HTTP/2 zafarr.com/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1391)
Hash 19d386c9004e54941c1cc61d357efa5d
0a77594006c8d86fdcc0adbc2b9aecaef3869586
3bc6467a95cec8fa516c6f5f69e1301e37e16f9bb1046fe7756729249f901b95
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 1426
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/src/script.js?ver=1.0
162.241.7.200 200 OK 5.7 kB URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/src/script.js?ver=1.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type assembler source, ASCII text
Hash 5ad6b50d013ea49fffbb111d541ba808
2faf18914daf2f78472dc98b7773485512ccf51e
5e079826685c1022c0b470b80e0f6bbd826953674908299d38a77384715ec9b5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/src/script.js?ver=1.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 5744
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127
162.241.7.200 200 OK 3.9 kB URL HTTP/2 zafarr.com/wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d7c102bcf1ed987919a3864dd0753ade
cd4a382e0f56ac53ec9bc9fa7ee78d8263d1999f
1abd6447f3993a8d351829ef6e56f5a0079d9e37d7b2d19be4f948aa233c37d4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/variation-swatches-for-woocommerce-pro/assets/js/frontend.js?ver=20171127 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:23:08 GMT
accept-ranges: bytes
content-length: 3932
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
162.241.7.200 200 OK 5.6 kB URL HTTP/2 zafarr.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (5477)
Hash 3a56752b736635bf69cb069b8818cbfd
42e0951fe74bb3f56a30f51291823bcd4a84d76e
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
accept-ranges: bytes
content-length: 5629
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
162.241.7.200 200 OK 40 B URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash 94d041d462db321cdb888066586f2068
717d2f9da7fb9f9e2bf2058a8177a0344f8a8647
b8166c5475df6a64ab2456e95f64564164ed697d258e8bfed8cebca40efd6fa5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/libs/framework/assets/js/frontend-script.js?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 40
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.17.0
162.241.7.200 200 OK 4.6 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.17.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4602), with no line terminators
Hash 25d887c9c8997522cf1184e1171d605c
8f9fc958307ce831e7313d22d996908f578956e2
ccdea9568a2dafdc3b5dfafd7cc65ed784a235fe1a3c2da2e4183a9bb834c136
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-compare/assets/js/woocompare.min.js?ver=2.17.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:13 GMT
accept-ranges: bytes
content-length: 4602
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/jquery.coundown.js?ver=1.0.0
162.241.7.200 200 OK 1.6 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/jquery.coundown.js?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2312f6c2f4dd75690465d5893dd02bb9
f442ad009edd4c881d6a48838c20d5b9e9fe115a
9a48b9cbd908b848d069fbeb1bbde96fcab3f89d6b107d8e2e3452d6fa40cf2b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/jquery.coundown.js?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 1614
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/photoswipe-ui.min.js?ver=4.1.1
162.241.7.200 200 OK 9.9 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/photoswipe-ui.min.js?ver=4.1.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (9765)
Hash 9517baca43cd4e9cb23ff337fbc1baa1
38557bef17c33e172bc8e1670cd302d91622dfad
3d61ce954cdcf7aa4c73c4e1c112173e7f321f834e2eee36450d1bf52a67a459
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/photoswipe-ui.min.js?ver=4.1.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 9876
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0
162.241.7.200 200 OK 1.5 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b08c4b8048a71ab313852ea43549bb31
85285886dc982dab0c03e4a3ffd574065a74f69f
cc732599b1f9f9c594266f23478d6341d1c35cccd469d63b4278dffbc4df2657
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce-deals/assets/js/tawc-deals.js?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:23:08 GMT
accept-ranges: bytes
content-length: 1489
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/nprogress.js?ver=1.0.0
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/nprogress.js?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 44152eae6dafa80f61ad33e04925713a
249b10a758510e4564888351214110552efbaca4
bad32bf38a8585db5a99bc33acbcce9e34903346bf78eaa3af89e7334beee678
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/nprogress.js?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 11718
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/waypoints.min.js?ver=2.0.2
162.241.7.200 200 OK 8.0 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/waypoints.min.js?ver=2.0.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7808)
Hash ac5840cf0870ecc0833ec7f0b46abdac
b01f657a7b0d93cfd47fa06bd07dd6c9e6605629
8d73392f1f569c51f57b7f9a30278358484f1795584aa2cd540e5b8ea650593e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/waypoints.min.js?ver=2.0.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 8044
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
162.241.7.200 200 OK 5.0 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4918)
Hash 530dffbfb4c3efd2c496617d77fb2448
1197e6ba4ac2dace2a8a63c5283ed0b590610152
08c70fae8c5a06e27f90b3b8bac23c07318fe3ead7cebd2a7ac2e56a7a6c00e0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 4957
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/jquery.counterup.min.js?ver=1.0.0
162.241.7.200 200 OK 2.1 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/jquery.counterup.min.js?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8de2aad82a7a208b62f4b9ce14a155bf
ee19a05e57da9162524062d5fd1f85dd317fc33e
14dde748c5b46630a7ebbf38aed8feb9a450088568e7efa010dc208691020d6e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/jquery.counterup.min.js?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 2116
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/isInViewport.min.js?ver=1.1.0
162.241.7.200 200 OK 2.3 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/isInViewport.min.js?ver=1.1.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2193)
Hash 315faaf6c55d8a3c4845e21652543f51
388ce7a2202bd3006c9516ff19e49b3f4e8add70
a35215b3ad41ee3a0d124079485e4b70f5beb32e5746daa1f55f5b42cf03d93a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/isInViewport.min.js?ver=1.1.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 2304
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/Gifts.jpg
162.241.7.200 200 OK 323 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/Gifts.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x775, components 3\012- data
Size 323 kB (322863 bytes)
Hash c2e1e931a88e8ca7fa2c6a3ae3d59f07
6768bd0e8239735841e83c87d3a4a550598bc863
ee4946852858b8ba044f23aecf1c79aa9108000aa494c0d13fd2694b5f4d53df
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/Gifts.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 09:06:00 GMT
accept-ranges: bytes
content-length: 322863
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/notify.min.js?ver=1.0.0
162.241.7.200 200 OK 14 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/notify.min.js?ver=1.0.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (13780), with no line terminators
Hash 37ad78b7c171c572c10ec77084ac1f08
168f1bdb0a5e071aaab878c36e796ee62c33301a
23efbfd67a8f05a7e077879326c0bfd8db30cca53baec92cec4bd4c03b43104a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/notify.min.js?ver=1.0.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 13780
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/js/frontend-min.js?ver=2.6.8
162.241.7.200 200 OK 27 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/js/frontend-min.js?ver=2.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6930)
Hash 9b1d4484a453859177445d4f972599dc
46a32c6e50ff621348f322cf93d62119aa0f12a7
f58481525e1ffd0acd033f5cdf7686aeaa5651c71cc5082b4cb5cae102d41a74
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/public/assets/js/frontend-min.js?ver=2.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 26806
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
162.241.7.200 200 OK 22 kB URL HTTP/2 zafarr.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (21904), with no line terminators
Hash e7334b0f16895605c1234c69ad86fd4a
6da3372e63cabe2d3c6b0dfecc70770c2f69921b
e89d7526092c671c0a01bd02152a595271fb97f87bbd3ba379b5e8b1071f6b2d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:12 GMT
accept-ranges: bytes
content-length: 21904
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.11.0
162.241.7.200 200 OK 25 kB URL HTTP/2 zafarr.com/wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.11.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (24951), with no line terminators
Hash 540be7a8259fbeaf4a732a344b267a7d
ac51cc9bb5df51bd9568de8707b9b176f7d60254
a692f16cca3d27ae6772b85e05c46d117ca45678783d5ee010df7d67e8f12485
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yith-woocommerce-wishlist/assets/js/jquery.yith-wcwl.min.js?ver=3.11.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:15 GMT
accept-ranges: bytes
content-length: 24951
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2
162.241.7.200 200 OK 31 kB URL HTTP/2 zafarr.com/wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30938)
Hash 48e40ccbdb42e75d87e23ffdd1470b45
8520f485985f09bbb8ec21bd0ce12dbbd01c6d86
12b903a2fa16f18d4a9e2add9466e4a193996856a89b14c4e1be034bbf9bf767
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/photoswipe/photoswipe.min.js?ver=4.1.1-wc.6.8.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Aug 2022 03:54:16 GMT
accept-ranges: bytes
content-length: 31039
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/tees.jpg
162.241.7.200 200 OK 517 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/tees.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2022:08:29 18:01:12], baseline, precision 8, 1920x775, components 3\012- data
Size 517 kB (516768 bytes)
Hash e9e6ffedd10975694d6cedf0d6236fb7
65b0a3342028ba5b64420dedf769ebceb639e961
d2c0f14d83db238fc15feaf6b41e909c1640d51d3511512b30856e0e2a9f8a3e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/tees.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 29 Aug 2022 12:32:16 GMT
accept-ranges: bytes
content-length: 516768
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/
162.241.7.200 200 OK 532 kB IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size 532 kB (531684 bytes)
Hash 72d945c9d5321845dc3397dfc46bb411
573db6b0e73aa5cae456c8bf1e6d6cb1af4f4cb0
a054d47a04b288c0798f46019b70a30f51484be3de5bca42393366e64fb732e3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-litespeed-tag: e80_HTTP.200
link: <https://zafarr.com/wp-json/>; rel="https://api.w.org/", <https://zafarr.com/wp-json/wp/v2/pages/7587>; rel="alternate"; type="application/json", <https://zafarr.com/>; rel=shortlink
set-cookie: yay_currency_widget=11529; expires=Sat, 24-Dec-2022 15:47:54 GMT; Max-Age=2592000; path=/
content-type: text/html; charset=UTF-8
date: Thu, 24 Nov 2022 15:47:53 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.9
162.241.7.200 200 OK 27 kB URL HTTP/2 zafarr.com/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.9
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5c37c12bdbed9edeeade7e37f93e2554
e56804d2640d98379f4d24b938241ab24944ed99
8d13e5f190e4c0f968ed033233598e278d294737abc5a46c5e0505b1f88320cb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.9 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Mar 2022 06:04:56 GMT
accept-ranges: bytes
content-length: 27307
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/jquery.magnific-popup.js?ver=1.0
162.241.7.200 200 OK 42 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/jquery.magnific-popup.js?ver=1.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5b23ded83b6a631b06040ed574e43dd6
554d5d9da772b0145af586fc73e7e23403aef9d5
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/jquery.magnific-popup.js?ver=1.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 41730
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/plugins/slick.min.js?ver=1.0
162.241.7.200 200 OK 43 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/plugins/slick.min.js?ver=1.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (42862)
Hash d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/plugins/slick.min.js?ver=1.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:07 GMT
accept-ranges: bytes
content-length: 42863
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/farmart-addons//assets/js/elementor.js?ver=20170530
162.241.7.200 200 OK 55 kB URL HTTP/2 zafarr.com/wp-content/plugins/farmart-addons//assets/js/elementor.js?ver=20170530
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (505)
Hash 8911877ee1e66cc1e6c7043f68f19cab
54f21f54714b16f765265931f3a64d69899a453a
898fef83f8078d3bc5747813719a0ef246bc3dbbeef1e4884dc6b19545d298be
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/farmart-addons//assets/js/elementor.js?ver=20170530 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:45 GMT
accept-ranges: bytes
content-length: 55018
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/js/scripts.js?ver=20220304
162.241.7.200 200 OK 95 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/js/scripts.js?ver=20220304
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1049)
Hash 9128852a7c1410ec3e4bc2b1129b671e
eefb973af3e553e9db7eaba5ba0703bf8e5cbf74
ae79335ec247a0b00f7eb9a63a289634db85d7171f5ccee1bf028bb4172ac44b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/js/scripts.js?ver=20220304 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 26 Aug 2022 10:55:11 GMT
accept-ranges: bytes
content-length: 95368
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
162.241.7.200 200 OK 146 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (45027)
Size 146 kB (146483 bytes)
Hash 78f997c25dc69e0169aa7b6fa85edc49
7bf00f388e3c129738954178107a58c984a69d53
e82c6f060a948b7524065a0dbbd3a68ee508b35ed6d847761b35dc65d72d706b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/widget-scripts.js?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 146483
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
162.241.7.200 200 OK 21 kB URL HTTP/2 zafarr.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Nov 2022 03:17:57 GMT
accept-ranges: bytes
content-length: 21440
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
162.241.7.200 200 OK 810 B URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (810), with no line terminators
Hash 5ab577656d48e7fb2da4071c3477d4f4
34a292f50ec979d7967a08c2ff4d707c39a11f3c
8667a50fdab17dd946e43e37c6fd1623583b9440bdca887e44cc726e48feedaf
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/animate-circle.js?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 810
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (12198), with no line terminators
Hash 3819c3569da71daec283a75483735f7e
ecd40a5cc6f0b76200c454ca880210dc301cfab8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 12198
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
162.241.7.200 200 OK 40 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (40438)
Hash ab2ed7a7a595bde264a98935f0f50c7e
9cb6ee07b4f060ca17df0700fe98ad73df60af09
37209a2b751204dc01191986b6ef47f27463285de8a341729c514d70a19a90fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 40477
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
162.241.7.200 200 OK 33 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (32569)
Hash 93702100295d778c25763497cca6523f
f03bbd609b28c89875882a1741ea27c6018f2d59
dcf3add9ee30897e196931db9947cd4fa29f8b9244b49938f1590ed6fabe4002
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 32609
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
162.241.7.200 200 OK 17 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17062), with no line terminators
Hash c578b86d120969a4ea3d33c8bacbb354
04de8aeae6facb7101e71099780e96c929ece1f2
8ab0b5957fd9e9dc519e93d9d37eaa1ba906872efe4fed8ea6212f4dcc75646c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/widgets/init/assets/js/elementor.js?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 17062
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/ae.svg
162.241.7.200 200 OK 218 B URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/ae.svg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 6ab1227cbf8295d20ed9fc79f19f955b
84300035325ef7cb36579e7fac7d5c30ac1be531
c6b73c3429f705801d3ac2ea52009aec823cfd2e24c50f03b6d115598794de4b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/assets/dist/flags/ae.svg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 218
content-type: image/svg+xml
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/us.svg
162.241.7.200 200 OK 5.0 kB URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/us.svg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5019), with no line terminators
Hash e4491a05d0b378b16ac38378699a4abf
382b35a8982add21d15e33c41ea72386dbf82a48
e6ee27915881c3d5b81632d835673a8d0e7a627732c25ab7b92659208c3ccd9d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/assets/dist/flags/us.svg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 5019
content-type: image/svg+xml
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/in.svg
162.241.7.200 200 OK 892 B URL HTTP/2 zafarr.com/wp-content/plugins/yaycurrency/assets/dist/flags/in.svg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (892), with no line terminators
Hash c5b340627502bca474bb3f539c5e77b9
a6db7c1605ffd7e99e6fc9e1b3eaf009c0deb168
30b6eb5da74da61501215a284cfb7b81179e14d15dd556ba8b229b7f27afba15
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/yaycurrency/assets/dist/flags/in.svg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 18 Aug 2022 11:13:15 GMT
accept-ranges: bytes
content-length: 892
content-type: image/svg+xml
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4
162.241.7.200 200 OK 472 B URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=2.5.4 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 139153
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
162.241.7.200 200 OK 78 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 78196
content-type: font/woff2
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
142.250.74.10 200 OK 472 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1
IP 142.250.74.10:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CMulish%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:47:55 GMT
date: Thu, 24 Nov 2022 15:47:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2
216.58.207.195 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 28504, version 1.0\012- data
Hash 91232fd5774a3b83c5781ffb24b9450d
3f492b6cafa99e16d334edc16a6e633d7eda3569
ee6428dc15beb065bef14ce4cbab92a469d0fccfa20ec5b05455775e77a05b39
GET /s/muli/v28/7Auwp_0qiz-afTzGLRrX.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 16:46:17 GMT
expires: Fri, 17 Nov 2023 16:46:17 GMT
cache-control: public, max-age=31536000
age: 601300
last-modified: Mon, 11 Jul 2022 20:36:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
162.241.7.200 200 OK 13 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 13276
content-type: font/woff2
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
162.241.7.200 200 OK 92 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 92444, version 1.0\012- data
Hash e5d9164498f1649084fe6fb95d3ad593
29e71123f8ef22f20f8d50bc4caac9db6e04a824
1525cd3ea05d1c00e4b385e781749c3bac5c01570b5800198bec0a252bb6c715
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.15.0 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.15.0
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 92444
content-type: font/woff2
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/themes/farmart/fonts/FarmartIcon.ttf?xi9l80
162.241.7.200 200 OK 15 kB URL HTTP/2 zafarr.com/wp-content/themes/farmart/fonts/FarmartIcon.ttf?xi9l80
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash baa51b7790139f5a7b73de5627b84019
73103f94ed5400c4aa4f9b92b9e64846cf228b4c
ddffc5609879387ce6a9e02293a6f7f6f49281ef59b711500a3079386aa3d9df
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/farmart/fonts/FarmartIcon.ttf?xi9l80 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/wp-content/themes/farmart/css/farmartIcon.css?ver=1.0.0
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 17 Mar 2022 03:22:08 GMT
accept-ranges: bytes
content-length: 14880
content-type: font/ttf
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
162.241.7.200 200 OK 443 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 442864, version 1.0\012- data
Size 443 kB (442864 bytes)
Hash fd4a1534fca171a46ef07ffca631465e
14c7b48fd5e85e3e375f721299da885330e95152
7659fa917839f5a43c0141f18cad5181d379bdb86a5923e15f5167a307107e2f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/fonts/elementskit.woff?y24e1e HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/elementskit-lite/modules/elementskit-icon-pack/assets/css/ekiticons.css?ver=2.5.4
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 11:14:43 GMT
accept-ranges: bytes
content-length: 442864
content-type: font/woff
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 75248
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
216.58.207.195 200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 27428, version 1.0\012- data
Hash e6d08c334958c128b793b570a7dce066
081111500e97a7663ff936f847e050fee6b8be2b
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
GET /s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27428
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 01:13:04 GMT
expires: Wed, 22 Nov 2023 01:13:04 GMT
cache-control: public, max-age=31536000
age: 225293
last-modified: Mon, 11 Jul 2022 18:57:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
162.241.7.200 200 OK 77 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/brands.min.css?ver=5.15.3
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 76764
content-type: font/woff2
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:59 GMT
expires: Fri, 24 Nov 2023 06:19:59 GMT
cache-control: public, max-age=31536000
age: 34078
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 15:47:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zafarr.com/wp-content/uploads/2022/07/2060941000000777905-1-350x350.jpg
162.241.7.200 200 OK 6.6 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/07/2060941000000777905-1-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 0c8bfdde5b2ddef1dc54c1fed5a06451
346668ab8976cb1936262674df92953eeffd6ac6
24d42ffa340efc5accdf74ff1a9e605d1b14389923f8bcccdd97f8c0f5c117d3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/2060941000000777905-1-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 05:47:48 GMT
accept-ranges: bytes
content-length: 6567
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/05/image-011-1-1-350x350.jpg
162.241.7.200 200 OK 14 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/05/image-011-1-1-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash e5bed2a6730f476bae58a02c68730c6d
538f87b9e012b84b729d7a35ba54de74a8026881
662a8fd486904ff52d518e8acf8151f1669493ba9601858017f3051121325a38
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/05/image-011-1-1-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 05:59:03 GMT
accept-ranges: bytes
content-length: 14279
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/07/2060941000017923060-1-350x350.jpg
162.241.7.200 200 OK 11 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/07/2060941000017923060-1-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 0f1e317cab93f192d4d2ac55d930beb5
b09f306471d884cb21259e7de8788ff000301b10
f8e1be52d5acf65f45f828dc55fecac2ecbcc4399cba7e0fedc959bbaecffff4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/2060941000017923060-1-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 05:46:44 GMT
accept-ranges: bytes
content-length: 10885
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/07/2060941000000762453-1-350x350.jpg
162.241.7.200 200 OK 7.6 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/07/2060941000000762453-1-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 61c2b1ebdd3dab405b087dbaecf847b5
6feb7ae1d0b60b203d6918cc4929a0f239064a37
b22ddfd0a4bdc38e810ccabde2907dcf4254f3ba5ae4671a1b5ae918f149649e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/07/2060941000000762453-1-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 02 Sep 2022 05:47:15 GMT
accept-ranges: bytes
content-length: 7587
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/img/open.svg
162.241.7.200 200 OK 1.2 kB URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/img/open.svg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 379c1b8016d8c36ebb8e5c41b3abb980
7a14512b6b1717f3422b2503e2dc0b32184c6aba
d8d2435f146ac95e49f652ad46e35907e282be908871faf46eb3dfb175100138
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/public/assets/img/open.svg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/css/frontend.css?ver=2.6.8
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 1151
content-type: image/svg+xml
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/img/close.svg
162.241.7.200 200 OK 824 B URL HTTP/2 zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/img/close.svg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 303e66ecf405d6dc04018e1d17575362
95b68e4bc916a09795585196113e4ee11af0bfb0
ea62a99d3c9d2c7d300d961e80c8e1da277e4383fdc13692ff9f80d6e035e6f9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/woo-floating-cart-lite/public/assets/img/close.svg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/wp-content/plugins/woo-floating-cart-lite/public/assets/css/frontend.css?ver=2.6.8
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 08 Aug 2022 11:14:28 GMT
accept-ranges: bytes
content-length: 824
content-type: image/svg+xml
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-includes/js/thickbox/loadingAnimation.gif
162.241.7.200 200 OK 15 kB URL HTTP/2 zafarr.com/wp-includes/js/thickbox/loadingAnimation.gif
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 416 x 26\012- data
Hash ce2268030dd2151b63cdf4ffc2f626ba
15280f21eb43f5fa7838dcf011f67d79e301b15f
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/thickbox/loadingAnimation.gif HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 05 Nov 2012 21:00:15 GMT
accept-ranges: bytes
content-length: 15238
content-type: image/gif
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/Gotham-Medium.otf
185.214.127.244 200 OK 3.8 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/Gotham-Medium.otf
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type OpenType font data\012- data
Hash 049cca4f4f13b669281008c7ec97293c
f7abb9c1d6e6147c268dff14d7a2133a8035c8b1
6ff652e831619e8c9f55e4cfe5bb60f235b366b7917e455ed431bbe263b3114c
GET /zaffr/wp-content/uploads/2022/07/Gotham-Medium.otf HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Fri, 08 Jul 2022 04:47:11 GMT
etag: "2706c-62c7b6cf-4e51c73fa3a78488;;;"
accept-ranges: bytes
content-length: 159852
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/bag-home-banner.jpg
185.214.127.244 200 OK 128 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/bag-home-banner.jpg
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1362x517, components 3\012- data
Size 128 kB (127609 bytes)
Hash 0d2f305ce2b459678edf75b59fae9267
5d3bf69bc600a18a5104cda935d3e10274310fb7
d41c3b7e5490c62ccd2489852f6859a3dea4927a6005f4f7db9769b8de85f72c
GET /zaffr/wp-content/uploads/2022/07/bag-home-banner.jpg HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:47:57 GMT
content-type: image/jpeg
last-modified: Tue, 26 Jul 2022 12:15:26 GMT
etag: "1f279-62dfdade-dab8736e0b4e6468;;;"
accept-ranges: bytes
content-length: 127609
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/081819_1631_15BestMobil1.png
185.214.127.244 200 OK 70 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/081819_1631_15BestMobil1.png
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type PNG image data, 579 x 482, 8-bit colormap, non-interlaced\012- data
Hash 50572bf080dca4ca705ede94f8510f1b
ad295cb028f18bbc1283a32a4a9fe9c6a9889f66
17d8a23d69512da81570146a6680add975b26798de4d047248eec9810df38b7f
GET /zaffr/wp-content/uploads/2022/07/081819_1631_15BestMobil1.png HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:47:57 GMT
content-type: image/png
last-modified: Tue, 26 Jul 2022 12:18:55 GMT
etag: "11190-62dfdbaf-1fb4f0fdd09885f7;;;"
accept-ranges: bytes
content-length: 70032
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/Printed-Graphic-T-shirt-Banner-For-Print-New-India-1-1024x441-1.png
185.214.127.244 200 OK 133 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/Printed-Graphic-T-shirt-Banner-For-Print-New-India-1-1024x441-1.png
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type PNG image data, 1024 x 441, 8-bit colormap, non-interlaced\012- data
Size 133 kB (133348 bytes)
Hash 30b418484bd3b9afc0a29a74c0d67666
746fb1e22268d624deec81b6a513909fc34b3571
13d8cadb4474659ac968c90d98a91b8300107f32cf48834abc6d105705ca6dec
GET /zaffr/wp-content/uploads/2022/07/Printed-Graphic-T-shirt-Banner-For-Print-New-India-1-1024x441-1.png HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:47:57 GMT
content-type: image/png
last-modified: Tue, 26 Jul 2022 12:31:19 GMT
etag: "208e4-62dfde97-d828330fb189880d;;;"
accept-ranges: bytes
content-length: 133348
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/1d8466a590159c454ba0d2d73225f29f.gif
185.214.127.244 200 OK 102 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/1d8466a590159c454ba0d2d73225f29f.gif
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 450 x 450\012- data
Size 102 kB (102141 bytes)
Hash e8eb842052dbd723a8528eb56095e447
82486fa938e6a4bb69ef762f4a5d5762b86583cf
6493751d26fc19491a3a1876627d13241ed171190ef2d1cdb32b02565819c3d1
GET /zaffr/wp-content/uploads/2022/07/1d8466a590159c454ba0d2d73225f29f.gif HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 15:47:57 GMT
content-type: image/gif
last-modified: Fri, 15 Jul 2022 11:43:36 GMT
etag: "18efd-62d152e8-fb335ce98f703bea;;;"
accept-ranges: bytes
content-length: 102141
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
hubbleweb.net/zaffr/wp-content/uploads/2022/07/Gotham-Book.otf
185.214.127.244 200 OK 159 kB URL HTTP/2 hubbleweb.net/zaffr/wp-content/uploads/2022/07/Gotham-Book.otf
IP 185.214.127.244:0
ASN #47583 Hostinger International Limited
File type OpenType font data\012- data
Size 159 kB (158964 bytes)
Hash 9019ab71e2d2d6cc3c9f4140cb27a618
f169d1a42c195495d4815f4e59b4fe72a48792fb
3083f405cb35b16e06d0108836dd6552630c85c7fc5412a5de724e57e6fd7348
GET /zaffr/wp-content/uploads/2022/07/Gotham-Book.otf HTTP/1.1
Host: hubbleweb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-font-woff
last-modified: Fri, 08 Jul 2022 04:47:10 GMT
etag: "26cf4-62c7b6ce-a44522355b3bad55;;;"
accept-ranges: bytes
content-length: 158964
date: Thu, 24 Nov 2022 15:47:57 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/cropped-favicon-192x192.png
162.241.7.200 200 OK 12 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/cropped-favicon-192x192.png
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c679993b1cd48fde87d4a20170772ca0
0179d0593b6040bbb9bc0418cfd582b5899e53dc
b9e16801961e9d8e6850bf579d6b3bdba8d3483fa4c3bcf38edd161ac63847fa
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/cropped-favicon-192x192.png HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 09:29:53 GMT
accept-ranges: bytes
content-length: 12469
content-type: image/png
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/cropped-favicon-32x32.png
162.241.7.200 200 OK 1.1 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/cropped-favicon-32x32.png
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 06cb562410a9941c844098e41ac6f2ee
bbea95daa8bf78efefb7a12e648a169bc048cb8c
e29434444189a03b92cd09896708fa0e2dd2172d7634249630a4818fb4138988
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/cropped-favicon-32x32.png HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 19 Aug 2022 09:29:53 GMT
accept-ranges: bytes
content-length: 1069
content-type: image/png
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/?wc-ajax=get_refreshed_fragments
162.241.7.200 200 OK 3.3 kB URL HTTP/2 zafarr.com/?wc-ajax=get_refreshed_fragments
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- HTML document, ASCII text, with very long lines (1969)
Hash 9b7839c8b27655a87ec8b073c4589a7f
707b148ccb195ccabc4d8a5b6ec04c58f2106bd1
1cc027e884610ac79d840de6221a9d6dd1c038ab50a2e8a563e9cb8287b3eaa7
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://zafarr.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: e80_HTTP.200,e80_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: yay_currency_widget=11529; expires=Sat, 24-Dec-2022 15:47:58 GMT; Max-Age=2592000; path=/
content-type: application/json; charset=UTF-8
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
162.241.7.200 200 OK 139 kB URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65280)
Size 139 kB (139153 bytes)
Hash 15bb2b8491fc7e84137d65f610e1685a
cd76b70a5426893e9c022b9a75c50a7c1348e2d0
b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 139153
content-type: application/javascript
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/09/8-tshirt-350x350.jpg
162.241.7.200 200 OK 7.7 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/09/8-tshirt-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash ea70cdaa809aa783ad8f2e504dbe0066
1af1698ae3b5c579f9edbc6719b872aec69ff382
7218e5e552e56ebe75d3ae6602d4d93e1029a216007474846ecb9956df21d10e
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/8-tshirt-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 11:56:17 GMT
accept-ranges: bytes
content-length: 7709
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/09/7-tshirt-350x350.jpg
162.241.7.200 200 OK 9.4 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/09/7-tshirt-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 138dc9edfdce37f8c1e764ca9daf08fd
8eab3b82501bbf08d0f817be4d320f58d38cae16
5522d13b255a4f2bc91441a9df71f6d6854a6776442706a00f5dfee8ae9aefa3
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/7-tshirt-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 11:56:26 GMT
accept-ranges: bytes
content-length: 9411
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/09/5-tshirt-350x350.jpg
162.241.7.200 200 OK 8.9 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/09/5-tshirt-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 963e5858ef5dcb1e482006ecfc63ab78
1cce79a887236db18cbfcecb78671d7e040a7a9a
fd45c1d6cc4b28ceb3bf581bc35caa907d577ff0920068e155262a33d02b210e
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/5-tshirt-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 11:56:41 GMT
accept-ranges: bytes
content-length: 8892
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/09/6-tshirt-350x350.jpg
162.241.7.200 200 OK 8.8 kB URL HTTP/2 zafarr.com/wp-content/uploads/2022/09/6-tshirt-350x350.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 350x350, components 3\012- data
Hash 6c5c925f524dce458c3f96f19e9f3cbf
26619b3551bf278fb08ffc6b1b993f535cf8a99d
486bf2e139b6076d3e3feadc6a468aefd6719e4625273ca7bb6aaa9c1372113a
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/09/6-tshirt-350x350.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 28 Sep 2022 11:57:19 GMT
accept-ranges: bytes
content-length: 8819
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:58 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc118bae963b381ce5450890130ecf15
9355a16a81b11e024dd2c5c0024aba1121fff925
cb5bc2cc49e05c133434eeb725690b3e32a0d3c6b75074582f941eee3bf7e1c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F707b8d34-3bd2-4793-9e17-c60d0b285f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9828
x-amzn-requestid: bf2f8429-416d-40d4-a237-7593ee26c27a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEv0KHywIAMFvtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e934d-349e1dcc595b1be906a83577;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bQcpPUgu6eN6PQeLMGWwBlf01iHj77_aXHjKmh8SH7HsWlUX6kipDg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:23 GMT
age: 64237
etag: "9355a16a81b11e024dd2c5c0024aba1121fff925"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/Stationeries.jpg
162.241.7.200 200 OK 0 B URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/Stationeries.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/Stationeries.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 09:05:55 GMT
accept-ranges: bytes
content-length: 249926
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
162.241.7.200 200 OK 0 B URL HTTP/2 zafarr.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 02 Aug 2022 03:12:08 GMT
accept-ranges: bytes
content-length: 57912
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/?wc-ajax=get_refreshed_fragments
162.241.7.200 200 OK 0 B URL HTTP/2 zafarr.com/?wc-ajax=get_refreshed_fragments
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://zafarr.com
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://zafarr.com
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
x-litespeed-tag: e80_HTTP.200,e80_HTTP.200
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: yay_currency_widget=11529; expires=Sat, 24-Dec-2022 15:47:58 GMT; Max-Age=2592000; path=/
content-type: application/json; charset=UTF-8
date: Thu, 24 Nov 2022 15:47:57 GMT
server: Apache
X-Firefox-Spdy: h2
zafarr.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1651753294
162.241.7.200 200 OK 0 B URL HTTP/2 zafarr.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1651753294
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=1651753294 HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Apr 2022 09:22:16 GMT
accept-ranges: bytes
content-length: 26394
content-type: text/css
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Muli%3A400%2C600%2C700%7CPlayfair+Display%3A400%2C400i%7COpen+Sans%3A400%2C600%2C700&subset=latin%2Clatin-ext&ver=20190930
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Muli%3A400%2C600%2C700%7CPlayfair+Display%3A400%2C400i%7COpen+Sans%3A400%2C600%2C700&subset=latin%2Clatin-ext&ver=20190930
IP 142.250.74.10:0
GET /css?family=Muli%3A400%2C600%2C700%7CPlayfair+Display%3A400%2C400i%7COpen+Sans%3A400%2C600%2C700&subset=latin%2Clatin-ext&ver=20190930 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 15:47:55 GMT
date: Thu, 24 Nov 2022 15:47:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zafarr.com/wp-content/uploads/2022/08/Go-green.jpg
162.241.7.200 200 OK 0 B URL HTTP/2 zafarr.com/wp-content/uploads/2022/08/Go-green.jpg
IP 162.241.7.200:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/Go-green.jpg HTTP/1.1
Host: zafarr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zafarr.com/
Cookie: yay_currency_widget=11529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 24 Aug 2022 09:06:05 GMT
accept-ranges: bytes
content-length: 312938
content-type: image/jpeg
date: Thu, 24 Nov 2022 15:47:56 GMT
server: Apache
X-Firefox-Spdy: h2