Report - banksoftrust.com/

Report Overview

Submitted URL
banksoftrust.com/
IP
68.65.122.58
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-06 17:38:31
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
84

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	26 kB	34.120.237.76
translate.google.com	1156	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398 B	40 kB	142.250.74.46
goldflowerservice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	971 B	185.177.94.108
0.goldflowerservice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	643 B	185.177.94.108
load.bettershitecolumn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	360 B	349 B	91.211.91.104
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.110
oo00.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.1 kB	212.129.26.71
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.76.226
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	4.2 kB	142.250.74.3
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	18 kB	142.250.74.10
away.bettershitecolumn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	1.7 kB	91.211.91.104
1.goldflowerservice.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	1.1 kB	185.177.94.108
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	736 B	93.184.220.29
banksoftrust.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	176 kB	68.65.122.58
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.165.41.15
js.cofounderspecials.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	366 B	782 B	91.211.91.112
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	banksoftrust.com/	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/font-awesome.min.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/style.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.0.0	Malware
2022-09-06	medium	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.1.1	Malware
2022-09-06	medium	banksoftrust.com/wp-content/themes/saturnthemes-financebank/style.css?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.0.0	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.0.0	Malware
2022-09-06	medium	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js	Malware
2022-09-06	medium	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js	Malware
2022-09-06	medium	goldflowerservice.com/w66899721.js	Phishing
2022-09-06	medium	1.goldflowerservice.com/w66899721.js	Phishing
2022-09-06	medium	1.goldflowerservice.com/w66899721.js	Phishing
2022-09-06	medium	banksoftrust.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.min.js	Malware
2022-09-06	medium	banksoftrust.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=5.8.5	Malware
2022-09-06	medium	banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/js/tf_numbers.js?ver=1.8	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	bettershitecolumn.com	Sinkholed
2022-09-06	medium	bettershitecolumn.com	Sinkholed
2022-09-06	medium	bettershitecolumn.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	bettershitecolumn.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed
2022-09-06	medium	goldflowerservice.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	banksoftrust.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	12 kB	2023-03-07	2023-07-23
Pretty URL banksoftrust.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:21:54 Last Seen2023-07-23 12:51:57 Times Seen5 Hash b93febd5e182adb5f996e5c3d83e7326 21efd832d5cb3e1223a354582cb22932762a0f6e d29fee3f414882d4f5d907154e681338b0c5519392ca592b36ca51f37716bf12 Loading...

	goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	705 B	2023-03-07	2023-04-05
Pretty URL goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2023-04-05 02:03:39 Times Seen49 Hash dd81871bef578a008b6d389ca0d1a234 31f4851126c5708430334e0b3b5674d7b22f1c2d f4805b1fa2c14f4bfb52cbfcdbd03a7ff3ace4aac7dc2466f0501d5cdfd19954 Loading...

	goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	8.1 kB	2023-03-07	2023-03-07
Pretty URL goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash f5a35323b945e1bb1611c163a6287e38 220aaef0b083ea709c862fd9e9126c3be3c58f12 8b68ab4535fdc46b628fa47128d18508a746492cb9cfb89fc6d07238db7eb8c8 Loading...

	banksoftrust.com/	2.1 kB	2023-03-07	2023-03-07
Pretty URL banksoftrust.com/ IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 5fed4e4c04534ed4b5cb1b7e4561edc1 62b0b64e6c26a3d5095b2917ee48d61e87ee500b 82c074c5388178f6cf6278812e0453bbb8135bf89b277b45635643caa7457adb Loading...

	goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	29 kB	2023-03-07	2024-01-03
Pretty URL goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen188 Hash ae7f0f1874bd3e9a6a0e9736f3307398 f9ea5e0bc3f3f8039b7d2835e9d8aa775621b9d3 cf8229ead2362ab9f5b9f608b9eb668414a21aca7c9bcc0c90b138415abf72cf Loading...

	1.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	8.1 kB	2023-03-07	2023-03-07
Pretty URL 1.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 288d17ae760a240eafb45c71f9232089 1f67a66d395a83344b5238360f076a351a3e408d 813006be6c9ceeae0cb3b79749527385cdc57fcb89b88c7987ecb9dd38c00404 Loading...

	banksoftrust.com/	529 B	2023-03-07	2023-03-17
Pretty URL banksoftrust.com/ IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:59 Last Seen2023-03-17 11:32:08 Times Seen1 Hash 30d79152fafff1085bf64b6519b37ebc 724bda58703d53b2be3f803f32aeaa65ede960a3 2d1632f2e39e2588d8f33ec21dda044d6d770d012bbf67883f2b54c03d2564b2 Loading...

	banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5	67 kB	2023-03-07	2023-03-07
Pretty URL banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5 IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash e2bdcffd9e3832a7dcf7a27eca57b359 e89f047bd494fd075e2b2b4e27c919a34e40e9dd aacb86b0a6a41f1b4608675acfcecd956085e088c5d776b58e7425f77162f6f3 Loading...

	banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=5.8.5	8.0 kB	2023-03-07	2024-04-26
Pretty URL banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=5.8.5 IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:26 Last Seen2024-04-26 05:07:54 Times Seen6784 Hash dfe0eedf8da578f4a4c43b05448c51d9 812d7071b4e44b1aa5d5ea6c7ce0b79eb9d46520 a0fded691aed767f851011cd3185b928619298a21a0fbdad4808a9e88b490833 Loading...

	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js	8.7 kB	2023-03-07	2023-03-07
Pretty URL banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 92af3f7a2283a2cb6bf0a7d5b195d686 6674c7afb394b97a2f2a118ac92f84897862589b f0f276e69549fb9fa162dde5c45c945f29823d39a8bc13f54fdc02453decf867 Loading...

	banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js	26 kB	2023-03-07	2023-03-07
Pretty URL banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 6b5e5f59581919f9fcab56262323de44 0a787ea82ace739340741fa25fd56df5d0ad1ad5 39c3457af323ab4b48ad5ad9c8f1c09c3165ab83616aadfbb308ffddbff0c237 Loading...

	load.bettershitecolumn.com/splash.js	6.4 kB	2023-03-07	2023-03-17
Pretty URL load.bettershitecolumn.com/splash.js IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:04 Last Seen2023-03-17 12:54:29 Times Seen1 Hash 4696665d1ac8dc00c04fe7dc102f395f 522b6653bfd3b0acaed36b76a16283b153f66f51 7a64e46815cfefc7407788ad18d244f46b238d8575477ad53256397e88e60859 Loading...

	goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	203 B	2023-03-07	2024-01-03
Pretty URL goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen188 Hash c4824c2a16d2c8bb70469ed7b8508f34 783dcaa37fcdd311197de60f0c55ab5367be4fe2 f97308b8745f77dc6b279dafa3f98d4e64de2f494681e452a477afaa13b4d1fb Loading...

	goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	3.1 kB	2023-03-07	2024-01-03
Pretty URL goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:57 Last Seen2024-01-03 10:59:23 Times Seen191 Hash 68e280edf3cadafe4af8ccdc8782024d 7467ad11f5f3a21a3a4e0ab8556912db67311d90 3d8d725c431734a47f6dbbce8a3546d9490407d342cfbb48eba2eeddede260aa Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	78 kB	2023-03-07	2023-03-07
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:45 Times Seen1 Hash 84c8602385fef40165bf8b816dd560e0 e1354cd77873be820d3b0c0b2ed2cfb50e933885 5aea52303a4657bcf4460ca2500d1466c26f9da796dc994882e41f4e0edbb434 Loading...

	banksoftrust.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0	12 kB	2023-03-07	2023-06-27
Pretty URL banksoftrust.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0 IP 68.65.122.58 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:43:28 Last Seen2023-06-27 00:02:00 Times Seen3 Hash f4633248948fb1ccc812bd5bf20fcc4f de08da0ba612254153722cf756f7176344efb857 d20b3bf219983e126a187db49404e48f963be6daa13ca37debd9fd6e43f2c720 Loading...

	away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29	214 B	2023-03-07	2023-03-17
Pretty URL away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29 IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:48 Last Seen2023-03-17 10:40:33 Times Seen1 Hash 8c2c57556e59dfdd3e87744a71d322ae 005fbbb812c3cd9151633b061458d5fce384d321 15c4e0ccda7d3440c3de847d766dcdb8c542155cb492bdd3f2f98faefa27137c Loading...

	0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2	8.1 kB	2023-03-07	2023-03-07
Pretty URL 0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 IP 185.177.94.108 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 32453c3c938a69980c8c29130e01d2c2 9836d47e0367a839352f0068421f279793245012 59d330d70b649e214cddbe646c0b7050848cf5755d4f2c8d3faf08a8031629aa Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1100fcfb5b5807dec5aa741d8319f933	7.8 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash 1100fcfb5b5807dec5aa741d8319f933 3515ae2dd74d540530ab58bd29ce3e3d6d3c2403 e4caade4077bc9ffbe81569d7d0620a2ceb32d52785a3b4291a18c76126c3905 Loading...

	#2 Eval - ef545cd66f8ae94094fe010ab3b7f27c	7.8 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash ef545cd66f8ae94094fe010ab3b7f27c 3ffb99b8b99a009a3dfb6cac5b620165f1f098aa 9f8a1daf0d4b03d02cabfd7436a362d57751d0c3583623444d25f8d8b6c8d0bc Loading...

	#3 Eval - d622f24941b1033dfa148c1d9b1f7dc7	7.9 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:13:42 Last Seen2023-03-07 13:13:42 Times Seen1 Hash d622f24941b1033dfa148c1d9b1f7dc7 6dec87147b6a70e333f0a8339f6a649fd30859ee f4022669aad96ac9b3bafe20f305ce0f666edf9f60ab6561b61657c8b62a40fd Loading...

HTTP Transactions (88)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 17:04:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rzha8WpZ0nRa3WLdTZb1OM5ZxsR9QWGp8ESuupRoYTpLjAwwQCPj-g==
Age: 2041

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15876
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 17:38:21 GMT
Connection: keep-alive

banksoftrust.com/

68.65.122.58

301 Moved Permanently

707 B

URL HTTP/1.1
banksoftrust.com/
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 06 Sep 2022 17:38:21 GMT
server: LiteSpeed
location: https://banksoftrust.com/
x-turbo-charged-by: LiteSpeed

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.110

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.110:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: h4im9TZj-UwIq24mGH8pLvH1TNWE1Q_Z2c31chACG2iTpnmQ6wv7BQ==
age: 58984
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 06 Sep 2022 17:38:18 GMT
Expires: Tue, 06 Sep 2022 17:42:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yFcmZLwLbM0rtG-G9j-WkZOZpTFCrnxJpxn48wR5WwXjaF5atSkrOA==
Age: 3

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
cea5c4ca45947eb7a834c2e22a6bb3ba
6eddd1c57766cc9957ece2f4455cefcd113793f5
e03bfffb81f02600f5feccb89cdb0cdd092785292d6e2c6d23c541fdaf8ce28b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 17:38:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 13:45:44 GMT
Expires: Sun, 11 Sep 2022 13:45:43 GMT
Etag: "6eddd1c57766cc9957ece2f4455cefcd113793f5"
Cache-Control: max-age=417441,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7468fa548997b52d-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 734
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:21 GMT
Last-Modified: Tue, 06 Sep 2022 17:26:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.165.41.15

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.41.15:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rFmxaWbNr94IZ+OzN1DT5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mgghx8g9UEhMEMXncdNE2pTmCKo=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

banksoftrust.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.5

68.65.122.58

200 OK

237 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
237 B (237 bytes)
Hash
83042c9c72bc38390b52906120f81c35
98a9789c05c0f981dca01d2c3622b5e458ba7589
a193b2efbe3e706cc8c633fff822f5a64eb0ee5f692c4a3495f3c7e58e8b7637

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Tue, 24 Nov 2020 11:06:16 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 237
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/

68.65.122.58

200 OK

32 kB

URL HTTP/2
banksoftrust.com/
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30008), with CRLF, LF line terminators
Size
32 kB (32080 bytes)
Hash
12079b088c6e964697368458413db279
ccc55cb40c7aff753b9c1020997ba74281b39010
3f23c72a38e8d34194d574b5253fc14439c0a9b3c32576200d542f7a7e92e082

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://banksoftrust.com/wp-json/>; rel="https://api.w.org/", <https://banksoftrust.com/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json", <https://banksoftrust.com/>; rel=shortlink
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: d20_HTTP.200,d20_front,d20_URL.6666cd76f96956469e7be39d750cc7d9,d20_F,d20_Po.11,d20_PGS,d20_
etag: "1434-1662485902;br"
x-litespeed-cache: miss
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 17:38:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3

68.65.122.58

200 OK

1.2 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5305), with no line terminators
Size
1.2 kB (1207 bytes)
Hash
8869d434cd2a3350017c5dddb6b6c624
218f6b304da36e0e5c1212e2b8afd934f2801a93
80727ae14af6bf4636a9455f87ce0e83429bacb577965aee4d0ce980759bf7e9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=6.3.3 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1207
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 17:38:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

banksoftrust.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.3.3

68.65.122.58

200 OK

20 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.3.3
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size
20 kB (19843 bytes)
Hash
9d96f66ab6bfde11b16c068a7f162b0c
4475a0eb37ecb59888995236d7c7040fc3d9fc07
009fcebbd3538ed13ea5c61ff6ee6958955485010728a1747a3d36d4e1c38531

HTTP Headers

GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=6.3.3 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 19843
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=5.8.5

68.65.122.58

200 OK

1.5 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
assembler source, ASCII text, with very long lines (780)
Size
1.5 kB (1470 bytes)
Hash
08a40a22f7be47dd939d7a2798d25ce3
372f9c9556ea8f098a4a300eb32a3580c729ae29
d487f7bd8ca6d187c81360343d67847168fe8652a9948f48eda68790f744d62e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/bootstrap-front.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1470
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5831973c035e1feb553f86c9a76ad009
1e43981e026aae60f63aa0c3cb90380636571430
4f33784e491780bea2fb34a347da19886a6076bf0e07c6fb439cc3b088db9f8b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F33784E491780BEA2FB34A347DA19886A6076BF0E07C6FB439CC3B088DB9F8B"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1021
Expires: Tue, 06 Sep 2022 17:55:24 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17159
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

fonts.googleapis.com/css?family=Yantramanav%3A700&subset&ver=3.0.16

142.250.74.10

200 OK

910 B

URL HTTP/2
fonts.googleapis.com/css?family=Yantramanav%3A700&subset&ver=3.0.16
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
910 B (910 bytes)
Hash
5208a8d51965dc919a48efc813457e4b
5dffcbc97303494a76558cfb9b629c8c65325efa
ee87ec9fca70d8bd5e3c7a8cc072a99fbecef6bca2b4b521b24cc562533464c6

HTTP Headers

GET /css?family=Yantramanav%3A700&subset&ver=3.0.16 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 17:38:23 GMT
date: Tue, 06 Sep 2022 17:38:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8688 bytes)
Hash
6bb4b1d74f1443bc3328301ab3ae6464
2768253dacaaad6cb498c6b2eb7694208b0ce0a6
07dcc95dab7757402998a5a61b540c965ce95c8bd51a814a09438981693b563a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc410b0d8-b008-47cc-bbf7-a762c06e0fcd.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8688
x-amzn-requestid: e408351e-ba6c-4e55-815d-449af808282f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5yMEFBLoAMFtqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6313ca4d-13831d8572a3b3cf54a0e747;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:42:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GFM9jerDkTPdhlUTm99E7Lpksw2ZGnV81bNVaZLvWSAiRNDNtkZi4g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:39 GMT
age: 71624
etag: "2768253dacaaad6cb498c6b2eb7694208b0ce0a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=5.8.5

142.250.74.10

200 OK

6.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Abril+Fatface%3Aregular&ver=5.8.5
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
6.1 kB (6120 bytes)
Hash
a615f43013cc0fb0803f822ba84448b5
6147efacd5e9f69d1f6137bb4b369fa5e10284de
7b3fc3b54528ebc524d8f92cddf2a4e4cc035350e777b76b00045edc88f58b84

HTTP Headers

GET /css?family=Abril+Fatface%3Aregular&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 17:38:23 GMT
date: Tue, 06 Sep 2022 17:38:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:44:33 GMT
age: 71630
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=5.8.5

68.65.122.58

200 OK

6.7 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30837)
Size
6.7 kB (6657 bytes)
Hash
5dbbe85d6a3308dceb97d91b740b0f11
3f70abf9963371962665167f98ba52365481496d
751d4fdd16bd33cc9c93bcaadcd316922ca9bbd74cb6a9e1705c8bef4330dabf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/font-awesome/css/font-awesome.min.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6657
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.46

200 OK

39 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
data
Size
39 kB (39378 bytes)
Hash
6796a2839da7fe248dfa639472a8f4cd
7b6fe7c6190a23828423cd0610969989ef17cdf7
a3c9861a15f2932cbee655454536a21ccc57d96ed30c194cff4478b149fdf16d

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 17:38:23 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+358; expires=Thu, 05-Sep-2024 17:38:23 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=5.8.5

68.65.122.58

200 OK

239 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
239 B (239 bytes)
Hash
5633a3b2c4b50ad3484c4fed043dc9d1
a3b8881a6690aa426d386c2c3c0da2ca040c1994
045e6da12132390129fbc7f2b4542973e68eb5688c734dab2f3229cf89d474e0

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/css/counter-column.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 239
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7855 bytes)
Hash
8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QFEoJOq9eyhQH3KTlAB_ctOvGWRfAkPMHiZUa34wae07KaezXFodBg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:57:14 GMT
age: 70869
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5

68.65.122.58

200 OK

6.9 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (29701), with CRLF line terminators
Size
6.9 kB (6856 bytes)
Hash
1adf583a268e30aaaed46550b156467c
6a785895330c86950708fe91b507a2e7803eb8be
25dde0693ac14abf231374b31feb6f7a8e4e7687640d1c013e3336ad03d1283f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 14:14:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6856
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/font-awesome.min.css?ver=5.8.5

68.65.122.58

200 OK

6.7 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/font-awesome.min.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30915)
Size
6.7 kB (6663 bytes)
Hash
d9b629aa0446889614cc86746bc14a62
0f100139b2a944c4fa90ed7966513fe11c6ced23
8bd9a0c94824be2c39850479e194f6ab1cbd8aa849701e3a50ee2d5a1e736793

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/font-awesome.min.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 22:37:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6663
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/style.css?ver=5.8.5

68.65.122.58

200 OK

382 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/style.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
382 B (382 bytes)
Hash
c29458121f49fd18ab03594f00b9e3a5
579f08384ba6e38ee016889b6253956d9efbf45b
b48224c1fce2f901b0e9a58bf2fd5d12127f65e4742be6ac78cba78e780c1cae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/tf-numbers-number-counter-animaton/assets/css/style.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 22:37:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 382
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.0.0

68.65.122.58

200 OK

2.3 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.0.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (17822), with no line terminators
Size
2.3 kB (2344 bytes)
Hash
06ed8004b6295a6879b33a0972438a15
b20a065c447bedd3df5754563c3d447c9a804d77
0545f74d8c6ac5778ebbb8e7f972a1cf1a9ed8d1e30fbdb3c51c0c96f30e7487

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.0.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2344
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=5.8.5

68.65.122.58

200 OK

1.7 kB

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.7 kB (1683 bytes)
Hash
eafd532a9d530cbb91a75bd98d77b8db
9f90575082e9a0359928a277e681e467e20b02c7
a023d8531a89d481d1892417a04d983a4315ab508d8bc31eff0b044984bb2f16

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/pe-icon-7-stroke/css/pe-icon-7-stroke.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1683
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.1.1

68.65.122.58

200 OK

6.3 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.1.1
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (28824)
Size
6.3 kB (6308 bytes)
Hash
59bca3446ccb4134e341a4fe634ff680
7de70318e580b19bd27e4f453eb5315d5da92527
bfc0245f6d960e942e0906bc25a7bfeec5055f9deb4fecbe465ec37109a13bc9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.1.1 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 14:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6308
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.css?ver=5.8.5

68.65.122.58

200 OK

461 B

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
461 B (461 bytes)
Hash
4f3739ea156ce8dead3c76b95fda28af
5ac3fde9b8811a3d21c5eea718f654ffcdd3b235
cb27589ba6bc77462e311b06958f23457901cc9f2e95cbb6399cc568542df93c

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 461
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick-theme.css?ver=5.8.5

68.65.122.58

200 OK

781 B

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick-theme.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text
Size
781 B (781 bytes)
Hash
70b420a729b9ad45f0297c3abefe79b3
a9fb6db17e58ec3963a048a8d2d518a981022174
302be22690c7b56cb40171c4681ebeab166b9944ec76b0c610f5d1d6104bc137

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick-theme.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 781
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/swipebox/css/swipebox.css

68.65.122.58

200 OK

1.2 kB

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/swipebox/css/swipebox.css
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.2 kB (1209 bytes)
Hash
1bab2e436018cfacd70fc46fdb757445
ca5bfde21093386a74f1a588e63284e75f5cdfc3
5e7a933268eb8aafe844a3bb970d78ad0a75bb8cb5fe958a97b0f11485abb2e6

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/swipebox/css/swipebox.css HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1209
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/style.css?ver=5.8.5

68.65.122.58

200 OK

428 B

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/style.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
428 B (428 bytes)
Hash
5801d815049888bf172f7bd92dcf60c3
d871dd78ce962912c331eb21ceedcf1831161b70
1fafb4f712ba6d3caf329769b2ed3b5dd0e8307689e45cca226ce7bf5fb1e510

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/style.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 428
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1753e60d4b92bbb354edfbb9d85f365a
09b75cd56210447d470f7cd7914591a61fd132e1
3a83a3a5cb7c7061967bca347c3e76479735ad8caef9d590442d5c33290d69bf

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A83A3A5CB7C7061967BCA347C3E76479735AD8CAEF9D590442D5C33290D69BF"
Last-Modified: Tue, 06 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21542
Expires: Tue, 06 Sep 2022 23:37:25 GMT
Date: Tue, 06 Sep 2022 17:38:23 GMT
Connection: keep-alive

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/magnific-popup.css?ver=5.8.5

68.65.122.58

200 OK

1.8 kB

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/magnific-popup.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.8 kB (1782 bytes)
Hash
f3a37492f2df43f75801e3bec2c55e8e
0a8bbddf0fea047ef8a70eb64975166f3a24c88c
d127fcc44be73d34bb385a752b3e702e4c4a879b201671c113a4a9d347b2828a

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/magnific-popup.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1782
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

68.65.122.58

200 OK

4.3 kB

URL HTTP/2
banksoftrust.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11834)
Size
4.3 kB (4296 bytes)
Hash
ce98b1aeeffb5c21974d09112c26adb1
e0e80026afb2b79c2ac3ed2dd1a7cde7adb1a3ab
274dac5756cb49aa25c06138b61eff502e06629812c5b21d2f843d5e6b110866

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 14:02:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4296
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

js.cofounderspecials.com/splash.js?v=5.1.7

91.211.91.112

200 OK

573 B

URL HTTP/1.1
js.cofounderspecials.com/splash.js?v=5.1.7
IP
91.211.91.112:0
ASN
#206638 PE Brezhnev Daniil

File type
ASCII text, with very long lines (2348), with no line terminators
Size
573 B (573 bytes)
Hash
2b3c14b2a6b311ee0557187a42d5dab1
4524506ded62ca19792f4c8dbb441fd32336fd57
3514c926c9a95eb83016b60c34909133e627445d6876ca934fd8464d65a6e3ef

HTTP Headers

GET /splash.js?v=5.1.7 HTTP/1.1
Host: js.cofounderspecials.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 17:38:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

fonts.googleapis.com/css?family=Yantramanav:700%2C900%7COpen+Sans:800

142.250.74.10

200 OK

8.9 kB

URL HTTP/2
fonts.googleapis.com/css?family=Yantramanav:700%2C900%7COpen+Sans:800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
8.9 kB (8892 bytes)
Hash
81daed438cea1ea64762ae0882916075
3f3cc981661518eff2c1e9a04dad5c97d717f030
b63dd3f1d215b7cc4002459a7a2a9a92e7c7e0363c707694f114c85c4e09e4f4

HTTP Headers

GET /css?family=Yantramanav:700%2C900%7COpen+Sans:800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 17:38:23 GMT
date: Tue, 06 Sep 2022 17:38:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5

68.65.122.58

200 OK

18 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65201), with CRLF line terminators
Size
18 kB (18214 bytes)
Hash
1802f433a4b2ca52cdd1acf4eaadf520
d02b5e913741226e807ee7ac0ae7cfe7fb2fd8ba
701c19d3566f491fca1fcbca537fb68670006bb6f6228860d967bc47cdd43527

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Sat, 21 Nov 2020 14:14:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 18214
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0

68.65.122.58

200 OK

3.9 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9139)
Size
3.9 kB (3856 bytes)
Hash
4933f9ebabbd00da6270adc54576d771
9429ed492678a3004ca152ac874670200104950d
029ff39693a81cb652ab23bedfe6e607d36ee6d3b13b59078a2a06e2283db7b3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.0.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 15:35:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3856
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/gtranslate/flags/24/en.png

68.65.122.58

200 OK

1.8 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/gtranslate/flags/24/en.png
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1767 bytes)
Hash
ec7233b5c80e5db85f7733b2ec25203f
d4c36fff06dc7d920b10eb13b58ea9cd9321b430
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40

HTTP Headers

GET /wp-content/plugins/gtranslate/flags/24/en.png HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: image/png
last-modified: Tue, 24 Nov 2020 11:06:16 GMT
accept-ranges: bytes
content-length: 1767
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/revslider/admin/assets/images/dummy.png

68.65.122.58

200 OK

73 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/revslider/admin/assets/images/dummy.png
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Size
73 B (73 bytes)
Hash
9d08eac154f5b02ef14e612fc25b9bf2
5a1e9121811015fbc274dae72072f874aee3d805
17af9e65317bbbfbbd0bcdc729f14faadf37cd08cf30cc0fe0b72443e78cbffb

HTTP Headers

GET /wp-content/plugins/revslider/admin/assets/images/dummy.png HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: image/png
last-modified: Sat, 21 Nov 2020 14:14:18 GMT
accept-ranges: bytes
content-length: 73
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.1.1

68.65.122.58

200 OK

1.2 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.1.1
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1786)
Size
1.2 kB (1183 bytes)
Hash
3f573f26a2e25c45c22c6db88f81fbbb
8b7701067ce97ba8b51e3771f73a8d4c64738409
379f92afdb0bd564da169e1d90de1dc728742af88c99ea0e97c3aa497dd6e1c8

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.1.1 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Sat, 21 Nov 2020 14:32:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1183
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.0.0

68.65.122.58

200 OK

970 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.0.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (3037), with no line terminators
Size
970 B (970 bytes)
Hash
155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=6.0.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 970
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css

68.65.122.58

200 OK

7.1 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (372)
Size
7.1 kB (7107 bytes)
Hash
87078655aa8277916a177ef54987bd69
5582874ebd2c517538b2259d39de0f78b2f15d11
8c4e40d1509ef0cc7a4cc731e8bc160e6375a17f8a50ba87b9e235ad14e5714a

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/fonts/font-awesome/css/font-awesome.css HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 14:14:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7107
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=5.8.5

68.65.122.58

200 OK

2.5 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7808)
Size
2.5 kB (2461 bytes)
Hash
c5caa8567f12989b5b77097e164196ac
a983cdf44314a6a2ab08b8c34290cc8861c0d8d8
5344e700c28cf98a8442240bf1f51a6de71b697369ab729ce1c90cfb42b3dea8

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/waypoints.min.js?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2461
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=5.8.5

68.65.122.58

200 OK

155 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
155 B (155 bytes)
Hash
e318a11a341e18878bef8f164578620d
ccd816531e9d9a669acaff10d326d50764288c59
2cfcf1b1b821b9ada3643b69a2499b215760596084e67dd25ff0091405213622

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/counter_nscript.js?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-length: 155
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.0.0

68.65.122.58

200 OK

677 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.0.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2139), with no line terminators
Size
677 B (677 bytes)
Hash
a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.0.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 677
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js

68.65.122.58

200 OK

2.7 kB

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (1786)
Size
2.7 kB (2745 bytes)
Hash
5ad7d55a35bc822bad65dba381852734
8e18c1aa9a6c38824ebcb3db798ae56f366ba85e
f3a2771db6cbc9e4ded61ec7d4a81eed2d1d1894f677df91f2c3548f5a0b3086

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/slide-menu.js HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2745
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js

68.65.122.58

200 OK

8.9 kB

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (22857)
Size
8.9 kB (8931 bytes)
Hash
30b743a7a73905ec57ce9901561a3c76
6d7c7bd07061d1e53045f950a5b031c7bd600800
bfa6ba3fbdade9bd96194ebfc8ca5306d2f338697941f4668451ed7302bf4d8f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/magnific-popup/jquery.magnific-popup.min.js HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 15:35:09 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8931
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.0.0

68.65.122.58

200 OK

1.1 kB

URL HTTP/2
banksoftrust.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.0.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7043), with no line terminators
Size
1.1 kB (1058 bytes)
Hash
398489038b789364a5c83f044e11974d
d5caf5f64c45693de65b5c0a801bfbf83a325485
32365dde0c909abbb02d8b6a8d9938056ba47f325d51e75082e3d265ce5f76d5

HTTP Headers

GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.0.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:24 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 12:38:50 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1058
date: Tue, 06 Sep 2022 17:38:24 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11

91.211.91.104

302 Found

0 B

URL HTTP/2
away.bettershitecolumn.com/away.php?id=98&kid=3467-23&sid=884578-34-76987-11
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /away.php?id=98&kid=3467-23&sid=884578-34-76987-11 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 17:38:25 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23

91.211.91.104

302 Found

0 B

URL HTTP/2
away.bettershitecolumn.com/track.php?aid=98823&uid=46536-433-636474-23
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track.php?aid=98823&uid=46536-433-636474-23 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://banksoftrust.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
server: nginx
date: Tue, 06 Sep 2022 17:38:25 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29

91.211.91.104

200 OK

824 B

URL HTTP/2
away.bettershitecolumn.com/track.php?tid=54889&lid=9554-66-457679-29
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
824 B (824 bytes)
Hash
60c88ba584a891d48f4070c119173654
b7a23e529050abd398ed2db79ecbf1ab6b842b42
f90ed7765277528b8efe48a6af517867720af425ff3976e4f68ed85928a4f4c4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /track.php?tid=54889&lid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://banksoftrust.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:25 GMT
content-type: text/html; charset=UTF-8
content-length: 824
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43d26cdd1c8a5feb8ba46d75fc08a1b8
6bf07af2b342720e963b58c15cd24431885fad15
742d43f0f240cf4a2be1035d414c151d2eccd5a08703b5bdf09b797c992b5914

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "742D43F0F240CF4A2BE1035D414C151D2ECCD5A08703B5BDF09B797C992B5914"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2719
Expires: Tue, 06 Sep 2022 18:23:44 GMT
Date: Tue, 06 Sep 2022 17:38:25 GMT
Connection: keep-alive

goldflowerservice.com/w66899721.js

185.177.94.108

200 OK

49 B

URL HTTP/2
goldflowerservice.com/w66899721.js
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
8b2c9a0f63099698ba10b15b41fa47e4
dba24ca51e5b2c0fba6fa07441972a2fcc217088
dbb05cc7642fa61c7cbeda7a9c1db3e43db644dfd78d14e4f8cf73df3b7689ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /w66899721.js HTTP/1.1
Host: goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

goldflowerservice.com/favicon.ico

185.177.94.108

204 No Content

0 B

URL HTTP/2
goldflowerservice.com/favicon.ico
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ca155182fb9e293379f8870561385c78
7b4b1dbd0c5b0c55a96f6cf44ebd126f4a6b6c7e
a7cf8b45f28565b97d52a61ed5dd73361125e8bd7d1c5a15ec821429bd2fc18b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7CF8B45F28565B97D52A61ED5DD73361125E8BD7D1C5A15EC821429BD2FC18B"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9911
Expires: Tue, 06 Sep 2022 20:23:37 GMT
Date: Tue, 06 Sep 2022 17:38:26 GMT
Connection: keep-alive

banksoftrust.com/wp-content/uploads/2021/12/BTBANK.png

68.65.122.58

200 OK

16 kB

URL HTTP/2
banksoftrust.com/wp-content/uploads/2021/12/BTBANK.png
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1080 x 213, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (16433 bytes)
Hash
5f896f7c39e3d297b8162902fffd2edd
5ca43f536c1d86f533f2c5f96b8521497e246871
b26665c904e9a0bf51d4d7dd263e19743f7f71229decdb1e86bb390662be9a93

HTTP Headers

GET /wp-content/uploads/2021/12/BTBANK.png HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: image/png
last-modified: Wed, 22 Dec 2021 09:30:48 GMT
accept-ranges: bytes
content-length: 71724
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

0.goldflowerservice.com/favicon.ico

185.177.94.108

204 No Content

0 B

URL HTTP/2
0.goldflowerservice.com/favicon.ico
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

1.goldflowerservice.com/w66899721.js

185.177.94.108

200 OK

49 B

URL HTTP/2
1.goldflowerservice.com/w66899721.js
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
8b2c9a0f63099698ba10b15b41fa47e4
dba24ca51e5b2c0fba6fa07441972a2fcc217088
dbb05cc7642fa61c7cbeda7a9c1db3e43db644dfd78d14e4f8cf73df3b7689ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /w66899721.js HTTP/1.1
Host: 1.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 49
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

1.goldflowerservice.com/favicon.ico

185.177.94.108

204 No Content

0 B

URL HTTP/2
1.goldflowerservice.com/favicon.ico
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 1.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 06 Sep 2022 17:38:27 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

1.goldflowerservice.com/w66899721.js

185.177.94.108

304 Not Modified

0 B

URL HTTP/2
1.goldflowerservice.com/w66899721.js
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /w66899721.js HTTP/1.1
Host: 1.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
If-Modified-Since: Wed, 27 Jul 2022 05:35:25 GMT
If-None-Match: "62e0ce9d-31"
Cache-Control: max-age=0
TE: trailers

HTTP/2 304 Not Modified
server: nginx
date: Tue, 06 Sep 2022 17:38:28 GMT
last-modified: Wed, 27 Jul 2022 05:35:25 GMT
etag: "62e0ce9d-31"
access-control-allow-origin: *
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ca155182fb9e293379f8870561385c78
7b4b1dbd0c5b0c55a96f6cf44ebd126f4a6b6c7e
a7cf8b45f28565b97d52a61ed5dd73361125e8bd7d1c5a15ec821429bd2fc18b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7CF8B45F28565B97D52A61ED5DD73361125E8BD7D1C5A15EC821429BD2FC18B"
Last-Modified: Sun, 04 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9909
Expires: Tue, 06 Sep 2022 20:23:37 GMT
Date: Tue, 06 Sep 2022 17:38:28 GMT
Connection: keep-alive

1.goldflowerservice.com/?auf=gazgiobsge5diojygyxtonbtgqxtemzpge3dmmruha2tsmbx&s=1&sub1=&sub2=Zvold2&sub3=&sub4=&cpc=0&cpm=0

185.177.94.108

200 OK

0 B

URL HTTP/2
1.goldflowerservice.com/?auf=gazgiobsge5diojygyxtonbtgqxtemzpge3dmmruha2tsmbx&s=1&sub1=&sub2=Zvold2&sub3=&sub4=&cpc=0&cpm=0
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?auf=gazgiobsge5diojygyxtonbtgqxtemzpge3dmmruha2tsmbx&s=1&sub1=&sub2=Zvold2&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: 1.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; uuid=3d1edd5a-def9-4335-8515-7a962622b184
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:27 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; expires=Thu, 06-Oct-2022 17:38:27 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 14:32:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 41027
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Sat, 21 Nov 2020 14:14:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 37993
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.min.js

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.min.js
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/lib/slick/slick.min.js HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10648
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

load.bettershitecolumn.com/splash.js

91.211.91.104

200 OK

0 B

URL HTTP/2
load.bettershitecolumn.com/splash.js
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /splash.js HTTP/1.1
Host: load.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 02 Sep 2022 10:55:58 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"6311e13e-18e0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
X-Firefox-Spdy: h2

0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2

185.177.94.108

200 OK

0 B

URL HTTP/2
0.goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 HTTP/1.1
Host: 0.goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.com/
Cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; expires=Thu, 06-Oct-2022 17:38:26 GMT; Max-Age=2592000; path=/; domain=0.goldflowerservice.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

banksoftrust.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Thu, 05 May 2022 16:33:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30866
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=5.8.5

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/counter-number-showcase/assets/js/bootstrap.js?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 22:12:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 24594
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

oo00.biz/sw/w1s.js

212.129.26.71

200 OK

0 B

URL HTTP/2
oo00.biz/sw/w1s.js
IP
212.129.26.71:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.goldflowerservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 06 Sep 2023 17:38:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

oo00.biz/sw/w1s.js

212.129.26.71

200 OK

0 B

URL HTTP/2
oo00.biz/sw/w1s.js
IP
212.129.26.71:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.goldflowerservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:27 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 06 Sep 2023 17:38:27 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/js/tf_numbers.js?ver=1.8

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/plugins/tf-numbers-number-counter-animaton/assets/js/tf_numbers.js?ver=1.8
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/tf-numbers-number-counter-animaton/assets/js/tf_numbers.js?ver=1.8 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 22:37:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 980
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2

185.177.94.108

200 OK

0 B

URL HTTP/2
goldflowerservice.com/?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2
IP
185.177.94.108:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?p=mq2dgm3dgi5gi3bpg42dgna&sub2=Zvold2 HTTP/1.1
Host: goldflowerservice.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:25 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=3d1edd5a-def9-4335-8515-7a962622b184; expires=Thu, 06-Oct-2022 17:38:25 GMT; Max-Age=2592000; path=/; domain=goldflowerservice.com
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/css/style.css?ver=5.8.5

68.65.122.58

200 OK

0 B

URL HTTP/2
banksoftrust.com/wp-content/themes/saturnthemes-financebank/assets/css/style.css?ver=5.8.5
IP
68.65.122.58:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/saturnthemes-financebank/assets/css/style.css?ver=5.8.5 HTTP/1.1
Host: banksoftrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://banksoftrust.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 17:38:23 GMT
content-type: text/css
last-modified: Sat, 21 Nov 2020 12:42:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32052
date: Tue, 06 Sep 2022 17:38:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

oo00.biz/sw/w1s.js

212.129.26.71

200 OK

0 B

URL HTTP/2
oo00.biz/sw/w1s.js
IP
212.129.26.71:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/w1s.js HTTP/1.1
Host: oo00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://goldflowerservice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 17:38:26 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Wed, 06 Sep 2023 17:38:26 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations