www.4bac.ro Open in urlscan Pro
51.210.135.209 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Submission: On May 03 via manual (May 3rd 2021, 10:10:26 am UTC) from IN

Summary HTTP 85 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 19 domains to perform 85 HTTP transactions. The main IP is 51.210.135.209, located in France and belongs to OVH, FR. The main domain is www.4bac.ro.

This is the only time www.4bac.ro was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	51.210.135.209 51.210.135.209	16276 (OVH) (OVH)
1 2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
3	139.45.196.203 139.45.196.203	9002 (RETN-AS) (RETN-AS)
7	139.45.197.239 139.45.197.239	9002 (RETN-AS) (RETN-AS)
10	139.45.196.195 139.45.196.195	9002 (RETN-AS) (RETN-AS)
10	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
5	139.45.197.237 139.45.197.237	9002 (RETN-AS) (RETN-AS)
3	139.45.196.204 139.45.196.204	9002 (RETN-AS) (RETN-AS)
4	139.45.197.254 139.45.197.254	9002 (RETN-AS) (RETN-AS)
1	2606:4700:20:... 2606:4700:20::ac43:4b21	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
4	139.45.197.156 139.45.197.156	9002 (RETN-AS) (RETN-AS)
2	139.45.195.254 139.45.195.254	9002 (RETN-AS) (RETN-AS)
2	139.45.197.14 139.45.197.14	9002 (RETN-AS) (RETN-AS)
85	20

16 51.210.135.209 (France)

ASN16276 (OVH, FR)
PTR: ip209.ip-51-210-135.eu

www.4bac.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.203 (United Kingdom)

ASN9002 (RETN-AS, GB)

pushanert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 139.45.197.239 (United Kingdom)

ASN9002 (RETN-AS, GB)

psaudous.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
toglooman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 139.45.196.195 (United Kingdom)

ASN9002 (RETN-AS, GB)

phortaub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.237 (United Kingdom)

ASN9002 (RETN-AS, GB)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.45.196.204 (United Kingdom)

ASN9002 (RETN-AS, GB)

pseepsie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

ugyplysh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b21 (United States)

ASN13335 (CLOUDFLARENET, US)

static.lalaping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.45.197.156 (United Kingdom)

ASN9002 (RETN-AS, GB)

static.cdnativepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.195.254 (United Kingdom)

ASN9002 (RETN-AS, GB)

o.wowreality.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.45.197.14 (United Kingdom)

ASN9002 (RETN-AS, GB)

dutorterraom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	4bac.ro www.4bac.ro	426 KB
10	gstatic.com fonts.gstatic.com www.gstatic.com	382 KB
10	google.com www.google.com	61 KB
10	phortaub.com phortaub.com	66 KB
5	toglooman.com toglooman.com	124 KB
5	inpagepush.com inpagepush.com	34 KB
4	cdnativepush.com static.cdnativepush.com	8 KB
4	ugyplysh.com ugyplysh.com	1 KB
3	pseepsie.com pseepsie.com	46 KB
3	pushanert.com pushanert.com	46 KB
2	dutorterraom.com dutorterraom.com	651 B
2	wowreality.info o.wowreality.info	397 B
2	rtmark.net my.rtmark.net	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	psaudous.com psaudous.com	19 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	googletagmanager.com 1 redirects www.googletagmanager.com	36 KB
1	lalaping.com static.lalaping.com	33 KB
1	w.org s.w.org	523 B
85	19

	Domain	Requested by
16	www.4bac.ro	www.4bac.ro
10	www.google.com	www.4bac.ro www.gstatic.com www.google.com
10	phortaub.com	www.4bac.ro phortaub.com
6	fonts.gstatic.com	fonts.googleapis.com www.google.com
5	toglooman.com	psaudous.com toglooman.com
5	inpagepush.com	psaudous.com inpagepush.com
4	static.cdnativepush.com	inpagepush.com
4	ugyplysh.com	www.4bac.ro
4	www.gstatic.com	www.google.com www.gstatic.com
3	pseepsie.com	psaudous.com pseepsie.com
3	pushanert.com	www.4bac.ro pushanert.com
2	dutorterraom.com
2	o.wowreality.info	static.lalaping.com
2	my.rtmark.net	inpagepush.com www.4bac.ro
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	psaudous.com	www.4bac.ro psaudous.com
2	fonts.googleapis.com	www.4bac.ro
2	www.googletagmanager.com	1 redirects www.4bac.ro
1	static.lalaping.com	toglooman.com
1	s.w.org	www.4bac.ro
85	20

This site contains links to these domains. Also see Links.

Domain
goo.gl
wordpress.org
wordpress.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
phortaub.com R3	`2021-04-05` - `2021-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
pushanert.com R3	`2021-04-20` - `2021-07-19`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
toglooman.com R3	`2021-03-13` - `2021-06-11`	3 months	crt.sh
pseepsie.com R3	`2021-03-09` - `2021-06-07`	3 months	crt.sh
ugyplysh.com R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-27` - `2021-11-26`	a year	crt.sh
inpagepush.com R3	`2021-04-02` - `2021-07-01`	3 months	crt.sh
cdnativepush.com R3	`2021-04-25` - `2021-07-24`	3 months	crt.sh
dutorterraom.com R3	`2021-04-27` - `2021-07-26`	3 months	crt.sh

This page contains 5 frames:

Primary Page: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Frame ID: 004CD4FF70959BF3504D59E6C0144752
Requests: 64 HTTP requests in this frame

Frame: http://psaudous.com/fac.php
Frame ID: 579EAAF9AD0CFAD956D470E1CABC8837
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce
Frame ID: 6245FD1A6C51EB76C64F697BFDAC9D9E
Requests: 9 HTTP requests in this frame

Frame: data://truncated
Frame ID: 2A85C1DE3C5D27D768D5A28C892D84CC
Requests: 1 HTTP requests in this frame

Frame: https://static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/0233580931136.png
Frame ID: 5237F40AD538A6DD94C1D6603CD2B0A2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

85
Requests

66 %
HTTPS

37 %
IPv6

19
Domains

20
Subdomains

20
IPs

4
Countries

1306 kB
Transfer

2938 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/wXK2PC
Title: Lecții video online

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://wordpress.com/themes/misty-lake/
Title: WordPress.com

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.googletagmanager.com/gtag/js?id=UA-111948692-1 HTTP 302
https://www.googletagmanager.com/gtag/js?id=UA-111948692-1

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 404
Not Found Primary Request c.wasm Show response
www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/ 101 KB
33 KB 1489ms
1417ms Document
text/html 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 84e46b2ae828feabac27c21fad9dad37783272a921790c43af8b8923c8284e07

Request headers

Host: www.4bac.ro
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.4bac.ro/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 03 May 2021 10:09:59 GMT
server: LiteSpeed
referrer-policy

GET
H2

200

js Show response
www.googletagmanager.com/gtag/
Redirect Chain

http://www.googletagmanager.com/gtag/js?id=UA-111948692-1
https://www.googletagmanager.com/gtag/js?id=UA-111948692-1

88 KB
35 KB

38ms
18ms

Script
application/javascript

2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111948692-1

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6f282a3d60b3c61afd5e7a3843efca936a0dec2abda4fdca51fd749317e2adf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35851
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 May 2021 10:09:59 GMT

Redirect headers

Location: https://www.googletagmanager.com/gtag/js?id=UA-111948692-1
Date: Mon, 03 May 2021 10:09:59 GMT
Cross-Origin-Resource-Policy: cross-origin
Server: Google Tag Manager
Content-Length: 255
X-XSS-Protection: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK 6ac21.css
www.4bac.ro/wp-content/cache/minify/ 84 KB
15 KB 129ms
101ms Stylesheet
text/css 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/6ac21.css
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 936d2dae38d7de796e6d7acf3ac437c27834877a34698de50f2080bac01534fc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:37 GMT
server: LiteSpeed
etag: "151a6-608e5559-0;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 14923
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic&subset=latin,latin-ext

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

947dfab733138dfc7addde332760c72c8ac8dacad8d02340dbbd8a1ea3d1565a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 08:36:03 GMT
server: ESF
date: Mon, 03 May 2021 10:09:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 10:09:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
426 B 45ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C400italic%2C400bold&subset=latin&ver=dfe3d0201c0fcf368342eccb8d3406e0

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

904751006f9513d94c90a6dd12f7b9e6dc110271f758836fea23bfaf8fd30204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 May 2021 09:43:12 GMT
server: ESF
date: Mon, 03 May 2021 10:09:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 May 2021 10:09:59 GMT

GET
H/1.1 200
OK c10b3.css
www.4bac.ro/wp-content/cache/minify/ 7 KB
2 KB 129ms
101ms Stylesheet
text/css 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/c10b3.css
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:37 GMT
server: LiteSpeed
etag: "1b2b-608e5559-0;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1285
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK 11394.js Show response
www.4bac.ro/wp-content/cache/minify/ 107 KB
37 KB 132ms
104ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/11394.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: e1426328bfdfe59b7ab725c1f0bef5cd6ca50a0ea3a2f9604f5b57d77799978d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:37 GMT
server: LiteSpeed
etag: "1ad46-608e5559-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 36925
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK 545b0.js Show response
www.4bac.ro/wp-content/cache/minify/ 9 KB
3 KB 128ms
100ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/545b0.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:37 GMT
server: LiteSpeed
etag: "2474-608e5559-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2236
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK ntfc.php Show response
pushanert.com/ 14 KB
6 KB 114ms
77ms Script
application/javascript 139.45.196.203
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pushanert.com/ntfc.php?p=2571221
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 139.45.196.203 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-380b"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 4034750 Show response
psaudous.com/5/ 48 KB
19 KB 125ms
91ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://psaudous.com/5/4034750
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 18565760355c7624fd2f21c320e085b5f7f77d08db2032d6082b140ff787fc53

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: f7a15af6b5fb7783a04bc5882b1265dc
Pragma: no-cache, no-cache
Date: Mon, 03 May 2021 10:09:51 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
phortaub.com/pfe/current/ 14 KB
6 KB 165ms
53ms Script
application/javascript 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/pfe/current/tag.min.js?z=4034749
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:56 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-380a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK alfons-morales-410757-e1516606276103.jpg
www.4bac.ro/wp-content/uploads/2018/01/ 191 KB
191 KB 65ms
64ms Image
image/jpeg 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4bac.ro/wp-content/uploads/2018/01/alfons-morales-410757-e1516606276103.jpg
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 1d6904cb79100a5ea2abb621de9114d14167531b0f422d7adc0c14d032b281ae

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
referrer-policy
last-modified: Mon, 22 Jan 2018 07:31:16 GMT
server: LiteSpeed
etag: "2fa92-5a659344-0;;;"
content-type: image/jpeg
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 195218
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK 6239a.css
www.4bac.ro/wp-content/cache/minify/ 100 KB
40 KB 65ms
65ms Stylesheet
text/css 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/6239a.css
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: ca5a2dd010eee8bdeb4cb20ee8de3c366c636e67adc6cafde93d99a7037040c3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:41 GMT
server: LiteSpeed
etag: "1911b-608e555d-0;gz"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 40465
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK 81177.js Show response
www.4bac.ro/wp-content/cache/minify/ 121 KB
42 KB 67ms
67ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/81177.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 74f8d63a84bdda05d28e970c9e0ffdea5e1a742e30fc76c3824d39e175162f79

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:41 GMT
server: LiteSpeed
etag: "1e5a7-608e555d-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 42311
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK f4186.js Show response
www.4bac.ro/wp-content/cache/minify/ 71 KB
26 KB 68ms
65ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/f4186.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:42 GMT
server: LiteSpeed
etag: "11c65-608e555e-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 25886
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK e1df4.js Show response
www.4bac.ro/wp-content/cache/minify/ 8 KB
3 KB 68ms
65ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/e1df4.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:42 GMT
server: LiteSpeed
etag: "21ac-608e555e-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3055
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK f565c.js Show response
www.4bac.ro/wp-content/cache/minify/ 12 KB
4 KB 67ms
64ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/f565c.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:42 GMT
server: LiteSpeed
etag: "307c-608e555e-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3458
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK 73e73.js Show response
www.4bac.ro/wp-content/cache/minify/ 12 KB
4 KB 129ms
100ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/73e73.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 0ecf3c5357ea1a049a2f135864703992e689d7b257cf484bbcbd7c1ac72a23bc

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:43 GMT
server: LiteSpeed
etag: "3120-608e555f-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3734
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
1003 B 73ms
49ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&ver=3.0

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e47d7d9d873387860111154f98e0ea6d609ce0aeca4b4d80004265e2dc9e9619

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Mon, 03 May 2021 10:09:59 GMT

GET
H/1.1 200
OK f63a9.js Show response
www.4bac.ro/wp-content/cache/minify/ 10 KB
4 KB 67ms
67ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/f63a9.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 336854001de49d250757f5b5244231e3fe5e3afd6dbea204a8101223aea1a78d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:43 GMT
server: LiteSpeed
etag: "293b-608e555f-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3398
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H/1.1 200
OK be66b.js Show response
www.4bac.ro/wp-content/cache/minify/ 10 KB
3 KB 65ms
64ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-content/cache/minify/be66b.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 48a1d66a410f1d76e7bff28d4f21e9ad178bd9dbca87428a23f43be54ee8f8d7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Sun, 02 May 2021 07:31:43 GMT
server: LiteSpeed
etag: "266c-608e555f-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2808
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtag/js?id=UA-111948692-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1764
date: Mon, 03 May 2021 09:40:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 03 May 2021 11:40:35 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.4bac.ro/wp-includes/js/ 14 KB
5 KB 64ms
64ms Script
application/x-javascript 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://www.4bac.ro/wp-includes/js/wp-emoji-release.min.js?ver=dfe3d0201c0fcf368342eccb8d3406e0
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:09:59 GMT
content-encoding: gzip
referrer-policy
last-modified: Wed, 03 Feb 2021 22:40:10 GMT
server: LiteSpeed
etag: "3795-601b264a-0;gz"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4675
expires: Tue, 03 May 2022 10:09:59 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 27ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4bac.ro
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 382742
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Thu, 28 Apr 2022 23:50:57 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
fonts.gstatic.com/s/droidserif/v13/ 22 KB
22 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif%3A400%2C400italic%2C400bold&subset=latin&ver=dfe3d0201c0fcf368342eccb8d3406e0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4bac.ro
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:56:56 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:23 GMT
server: sffe
age: 281583
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22492
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:56:56 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4bac.ro
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Apr 2021 03:56:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 281584
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:56:55 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFW50bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4bac.ro
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 02:03:02 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:21 GMT
server: sffe
age: 374817
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11316
x-xss-protection: 0
expires: Fri, 29 Apr 2022 02:03:02 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ 335 KB
132 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://www.4bac.ro
Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1586
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:43:34 GMT

GET
H/1.1 200
OK zone Show response
pushanert.com/ 715 B
1 KB 162ms
55ms Fetch
application/json 139.45.196.203
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pushanert.com/zone?pub=0&zone_id=2571221&is_mobile=false&domain=www.4bac.ro&var=&ymid=&var_3=

Requested by

Host: pushanert.com
URL: http://pushanert.com/ntfc.php?p=2571221

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.203 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

e77ba28fdf6c8abf55065e430f522c8a375dadc2da6fc52378b55b3b78d73fec

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 1f6eabfe0d635c496743e2d17affabf0
Date: Mon, 03 May 2021 10:09:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 715

GET
H/1.1 200
OK universal.min.js Show response
pushanert.com/pfe/current/ 107 KB
38 KB 188ms
81ms Fetch
application/javascript 139.45.196.203
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pushanert.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: pushanert.com
URL: http://pushanert.com/ntfc.php?p=2571221
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.203 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.4bac.ro
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H2 200 1f642.svg
s.w.org/images/core/emoji/13.0.1/svg/ 525 B
523 B 87ms
29ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.0.1/svg/1f642.svg

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT arn 1
date: Mon, 03 May 2021 10:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 20 Oct 2020 16:13:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 27ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=895205987&t=pageview&_s=1&dl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&dp=%2F404.html%3Fpage%3D%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20%7C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=854906058&gjid=1476978879&cid=1785780797.1620036600&tid=UA-111948692-1&_gid=1854777474.1620036600&_r=1&gtm=2ou4l3&did=dZGIzZG&z=1679307763

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:10:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://www.4bac.ro
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone Show response
phortaub.com/ 684 B
1 KB 54ms
53ms Fetch
application/json 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phortaub.com/zone?pub=0&zone_id=4034749&is_mobile=false&domain=www.4bac.ro&var=&ymid=&var_3=

Requested by

Host: phortaub.com
URL: https://phortaub.com/pfe/current/tag.min.js?z=4034749

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

792299b2c2dfc23047d115d677cd5542b124e54b42059f14e9791f2a35112df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 7af9bc0bd91386ef4a99cfa980f1cddc
Date: Mon, 03 May 2021 10:09:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 684

GET
H/1.1 200
OK universal.min.js Show response
phortaub.com/pfe/current/ 107 KB
38 KB 184ms
80ms Fetch
application/javascript 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: phortaub.com
URL: https://phortaub.com/pfe/current/tag.min.js?z=4034749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.4bac.ro
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 4034747 Show response
inpagepush.com/400/ 82 KB
29 KB 112ms
82ms Script
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://inpagepush.com/400/4034747

Requested by

Host: psaudous.com
URL: http://psaudous.com/5/4034750

Protocol

HTTP/1.1

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

764722003802d77f46c40955a188cbcaf3d36349fdf76d0f87b681f847e8e142

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: 903ff90b019f9ad6d47ebeeb9fb355d2
Pragma: no-cache
Date: Mon, 03 May 2021 10:10:00 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK tag.min.js Show response
pseepsie.com/pfe/current/ 14 KB
6 KB 112ms
77ms Script
application/javascript 139.45.196.204
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pseepsie.com/pfe/current/tag.min.js?z=4034749
Requested by: Host: psaudous.com
URL: http://psaudous.com/5/4034750
Protocol: HTTP/1.1
Server: 139.45.196.204 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-380a"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK 1 Show response
toglooman.com/ 7 KB
4 KB 107ms
78ms Script
text/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://toglooman.com/1?z=4034748
Requested by: Host: psaudous.com
URL: http://psaudous.com/5/4034750
Protocol: HTTP/1.1
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 759adda657ea2c76b5d42548a631b1a3ee2eeaa2f25e60ef5a889e0df782045b

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:10:00 GMT
Content-Encoding: gzip
X-Sc: hvKG2ZMuBTpGGXNymrjZ877ToqrU9iJEugEzAe1rzoVY7z37pNUKE_RK19t-p9d441j0x4_oyQC5LqJ8YgT4WSQTW8A=
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: text/javascript
Access-Control-Allow-Origin
Access-Control-Expose-Headers: X-Sc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204
No Content fac.php
psaudous.com/ Frame 579E 0
0 54ms
54ms Document
text/html 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://psaudous.com/fac.php

Requested by

Host: psaudous.com
URL: http://psaudous.com/5/4034750

Protocol

HTTP/1.1

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Host: psaudous.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://www.4bac.ro/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4bac.ro/

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:52 GMT
Content-Type: text/html; charset=utf8
Connection: keep-alive
X-Trace-Id: 0085cc7de7be7b1b7d99c644880a0df9
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Timing-Allow-Origin: * *
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK loadingAnimation.gif
www.4bac.ro/wp-includes/js/thickbox/ 15 KB
15 KB 65ms
65ms Image
image/gif 51.210.135.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.4bac.ro/wp-includes/js/thickbox/loadingAnimation.gif
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Server: 51.210.135.209 , France, ASN16276 (OVH, FR),
Reverse DNS: ip209.ip-51-210-135.eu
Software: LiteSpeed /
Resource Hash: 6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: www.4bac.ro
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Cookie: _ga=GA1.2.1785780797.1620036600; _gid=GA1.2.1854777474.1620036600; _gat_gtag_UA_111948692_1=1; __PPU_BACKCLCK_4034750=true
Connection: keep-alive
Cache-Control: no-cache
Referer: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 03 May 2021 10:10:00 GMT
referrer-policy
last-modified: Mon, 10 Nov 2014 10:32:12 GMT
server: LiteSpeed
etag: "3b86-5460942c-0;;;"
content-type: image/gif
cache-control: public, max-age=31536000,public
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 15238
expires: Tue, 03 May 2022 10:10:00 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 6245 20 KB
11 KB 39ms
24ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

06504473d183ffd328ec7e8ad1e28b2617a4780268baa6f6fda18cd4f55add8f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-HVVYf9/rxRdkDjGz8qFr2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.4bac.ro/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://www.4bac.ro/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 03 May 2021 10:10:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-HVVYf9/rxRdkDjGz8qFr2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11140
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 133c8b2bfade2c96683819a208a36ab3 Show response
toglooman.com/27/ 361 KB
119 KB 186ms
79ms Script
application/javascript 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3

Requested by

Host: toglooman.com
URL: http://toglooman.com/1?z=4034748

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

d32e38a74e431b76f4fe7fef3483ebe3aa2db680ee34b5c4ac48034fcdfcd451

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 30 Apr 2021 07:24:52 GMT
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
access-control-allow-origin
cache-control: max-age:290304000, public
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Fri, 30 May 2081 07:24:52 GMT

GET
H2 200 38 Show response
toglooman.com/42/ 0
631 B 245ms
138ms Script
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/42/38?z=4034748
Requested by: Host: toglooman.com
URL: http://toglooman.com/1?z=4034748
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:10:00 GMT
x-sc: _NTVY7A1KzfxiBeL1Iqu5xNa-T1xT-nfTS0apgYN73_v3BArrTj0mcM0p0bYusc7d3WmyVRobgTRMZutixqfHg3Z1rE=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
content-length: 0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK zone Show response
pseepsie.com/ 684 B
1 KB 161ms
55ms Fetch
application/json 139.45.196.204
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pseepsie.com/zone?pub=0&zone_id=4034749&is_mobile=false&domain=www.4bac.ro&var=&ymid=&var_3=

Requested by

Host: pseepsie.com
URL: http://pseepsie.com/pfe/current/tag.min.js?z=4034749

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.204 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

792299b2c2dfc23047d115d677cd5542b124e54b42059f14e9791f2a35112df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Trace-Id: b24fa1673b65f50643e82168ad7d2921
Date: Mon, 03 May 2021 10:09:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 684

GET
H/1.1 200
OK universal.min.js Show response
pseepsie.com/pfe/current/ 107 KB
38 KB 186ms
81ms Fetch
application/javascript 139.45.196.204
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pseepsie.com/pfe/current/universal.min.js?v=3.1.291
Requested by: Host: pseepsie.com
URL: http://pseepsie.com/pfe/current/tag.min.js?z=4034749
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.204 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-1ab55"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.4bac.ro
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 6245 51 KB
25 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
age: 1586
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25722
x-xss-protection: 0
expires: Tue, 03 May 2022 09:43:34 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/ Frame 6245 335 KB
131 KB 24ms
10ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1586
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134200
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 04:03:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 May 2022 09:43:34 GMT

POST
H/1.1 200
OK event Show response
ugyplysh.com/ 94 B
540 B 160ms
55ms Fetch
application/json 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugyplysh.com/event

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.254 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

5a51b357c768228782497385c38589988bcac01cf249b2ea95d9c3ca9844a4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 86655121e23c03a6eed5eb8215906815
Date: Mon, 03 May 2021 10:09:56 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

POST
H/1.1 200
OK event Show response
ugyplysh.com/ 94 B
540 B 159ms
55ms Fetch
application/json 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ugyplysh.com/event

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.197.254 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4cfaa346d27cc09ed309b1a48daa61e9acbd3f75223b4499dcc87f95a2addebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: daa6049581a2ae0a6dd521bf6e841bd1
Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 94

OPTIONS
H/1.1 200
OK event
ugyplysh.com/ Frame 0
0 169ms
51ms Preflight
text/plain 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ugyplysh.com/event
Protocol: HTTP/1.1
Server: 139.45.197.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:54 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

OPTIONS
H/1.1 200
OK event
ugyplysh.com/ Frame 0
0 169ms
52ms Preflight
text/plain 139.45.197.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ugyplysh.com/event
Protocol: HTTP/1.1
Server: 139.45.197.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:56 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

GET
H3-29 200 ZZFEsK2ZkU8ncl2GledFgnLnxpLom0T0mRqNz0RfA98.js Show response
www.google.com/js/bg/ Frame 6245 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/ZZFEsK2ZkU8ncl2GledFgnLnxpLom0T0mRqNz0RfA98.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

659144b0ad99914f27725d8695e7458272e7c692e89b44f4991a8dcf445f03df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 09:57:55 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 16:00:00 GMT
server: sffe
age: 725
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5721
x-xss-protection: 0
expires: Tue, 03 May 2022 09:57:55 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6245 2 KB
2 KB 10ms
9ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 15:35:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 326071
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Thu, 06 May 2021 15:35:29 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6245 15 KB
15 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 01 May 2021 06:54:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 184556
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Sun, 01 May 2022 06:54:04 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6245 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 23:58:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 382285
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 28 Apr 2022 23:58:35 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame 6245 102 B
132 B 15ms
15ms Other
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 03 May 2021 10:10:00 GMT

OPTIONS
H2 204 9
toglooman.com/ Frame 0
0 157ms
52ms Preflight 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4034748&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Protocol: H2
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 03 May 2021 10:09:58 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://www.4bac.ro
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 online.js Show response
static.lalaping.com/ 84 KB
33 KB 44ms
20ms Script
application/javascript 2606:4700:20::ac43:4b21
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.lalaping.com/online.js?ver=2.0.0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Nov 2020 17:10:39 GMT
server: cloudflare
age: 4237
etag: W/"5fbbed0f-14f3c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q4l9dL82eP6MpKcRPQIlQXe7Qu%2BYn7fLt%2BvMxYRBREOSMEIxPdeMoSw8KC1FCnrJkIgzEjVHskyePxvx1NS40GCramgLlGkEiFcpa67Me7DBf3IT62cYFV8sn1emg07Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 6498b272fd9a2b16-FRA
cf-request-id: 09d34ddbdb00002b16382df000000001

POST
H2 204 9 Show response
toglooman.com/ 0
644 B 90ms
89ms XHR
text/plain 139.45.197.239
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://toglooman.com/9?z=4034748&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1600&sh=1200&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&wy=0&wx=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&sah=1200&drf=&hil=2&ist=0
Requested by: Host: toglooman.com
URL: https://toglooman.com/27/133c8b2bfade2c96683819a208a36ab3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 139.45.197.239 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 03 May 2021 10:10:01 GMT
x-sc: Sp5E8ZD9q_7YXITxPfWqluMBbDoDEJur-urmdkAcOyKtlcCr69jEam-yMBRipJJujUdVu7jC1M1GdIuN-QtBpLxUhJg=
server: nginx
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: http://www.4bac.ro
access-control-expose-headers: X-Sc
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
541 B 159ms
52ms XHR
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: http://inpagepush.com/400/4034747

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

c0b7e9df4ef3ca68f067f7308179a859dfa7997a811c6ab95fc65937f0f0c54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.4bac.ro
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame 6245 9 KB
7 KB 47ms
47ms XHR
application/json 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9qx0v7NiOAe_XnW_ULNZm9e3/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed765a4d319c31e0e74f1bfd259bf97f77b2f4b1d3a30245fd2885547334e193

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LenKYMUAAAAAL9VlBAFydIuCoSuvu8xv5XvbEWS&co=aHR0cDovL3d3dy40YmFjLnJvOjgw&hl=en&v=9qx0v7NiOAe_XnW_ULNZm9e3&size=invisible&cb=c6pntx4gl2ce
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6681
x-xss-protection: 1; mode=block
expires: Mon, 03 May 2021 10:10:00 GMT

GET
H/1.1 200
OK googlelogo_color_120x44dp.png
www.google.com/images/branding/googlelogo/2x/ 5 KB
5 KB 20ms
14ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_120x44dp.png

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5087
X-XSS-Protection: 0
Expires: Mon, 03 May 2021 10:10:00 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 19ms
13ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 5969
X-XSS-Protection: 0
Expires: Mon, 03 May 2021 10:10:00 GMT

GET
H/1.1 200
OK googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/2x/ 13 KB
14 KB 21ms
14ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_272x92dp.png

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 13504
X-XSS-Protection: 0
Expires: Mon, 03 May 2021 10:10:00 GMT

GET
H/1.1 200
OK googlelogo_color_160x56dp.png
www.google.com/images/branding/googlelogo/2x/ 7 KB
7 KB 20ms
13ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_160x56dp.png

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 7048
X-XSS-Protection: 0
Expires: Mon, 03 May 2021 10:10:00 GMT

GET
H/1.1 200
OK googlelogo_color_90x40dp.png
www.google.com/images/branding/googlelogo/2x/ 4 KB
4 KB 20ms
13ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.google.com/images/branding/googlelogo/2x/googlelogo_color_90x40dp.png

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 22 Oct 2019 18:30:00 GMT
Server: sffe
Content-Type: image/png
Cache-Control: private, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 3934
X-XSS-Protection: 0
Expires: Mon, 03 May 2021 10:10:00 GMT

OPTIONS
H/1.1 200
OK custom
phortaub.com/ Frame 0
0 52ms
51ms Preflight
text/plain 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
phortaub.com/ 39 B
485 B 53ms
53ms Fetch
application/json 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phortaub.com/custom

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: f395cec297bfbdd98adbdf340dadc8b7
Date: Mon, 03 May 2021 10:09:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H2 200 gid.js Show response
my.rtmark.net/ 65 B
540 B 53ms
53ms Fetch
application/json 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js?pub=0&userId=e7dca11f8e87407d9a499e8eb036b218&zoneId=4034749&checkDuplicate=true&ymid=&var=

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4444a536a1dce4dbb37bbadfe2b8e737fa9cba5e0cbdaa6c2008233d6a9a4a39

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 10:10:00 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.4bac.ro
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 65

OPTIONS
H2 200 4034747
inpagepush.com/500/ Frame 0
0 200ms
93ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/4034747?excludes=&oaid=50dc0284a35043908c156b55c3fea25c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=3&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 03 May 2021 10:10:01 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: http://www.4bac.ro
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 4034747 Show response
inpagepush.com/500/ 4 KB
3 KB 263ms
158ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: http://inpagepush.com/400/4034747

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

28d1e81d89a6f46ca5a4fbf827d912bda38d176edc147fe9fd92af3150d45df5

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: 8a184e42f9021090fdc5f9fe71493515
pragma: no-cache
date: Mon, 03 May 2021 10:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://www.4bac.ro
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK custom
phortaub.com/ Frame 0
0 58ms
52ms Preflight
text/plain 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
phortaub.com/ 39 B
485 B 54ms
52ms Fetch
application/json 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phortaub.com/custom

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 01157ee06acbed2dc73db038b2f71f9c
Date: Mon, 03 May 2021 10:09:57 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK defaultSkin.min.js Show response
phortaub.com/pfe/current/ 56 KB
19 KB 104ms
62ms Fetch
application/javascript 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/pfe/current/defaultSkin.min.js
Requested by: Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 May 2021 10:09:57 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Apr 2021 11:48:57 GMT
Server: nginx
ETag: W/"6086a8a9-df63"
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: http://www.4bac.ro
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 2A85 255 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H/1.1 200
OK custom
phortaub.com/ Frame 0
0 52ms
52ms Preflight
text/plain 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://phortaub.com/custom
Protocol: HTTP/1.1
Server: 139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:09:58 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Max-Age: 86400

POST
H/1.1 200
OK custom Show response
phortaub.com/ 39 B
485 B 53ms
53ms Fetch
application/json 139.45.196.195
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://phortaub.com/custom

Requested by

Host: www.4bac.ro
URL: http://www.4bac.ro/wp-content/plugins/wp-monero-miner-pro/js/c.wasm

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

139.45.196.195 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

X-Trace-Id: 7e42a7b90e05f032cdb433c4f9a993ec
Date: Mon, 03 May 2021 10:09:58 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 39

GET
H/1.1 200
OK 0233580931136.png
static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/ 984 B
2 KB 222ms
55ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/0233580931136.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:01 GMT
Last-Modified: Thu, 31 Jan 2019 10:53:19 GMT
Server: nginx
ETag: "5c52d39f-3d8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 984

OPTIONS
H/1.1 200
OK add
o.wowreality.info/api/log/ Frame 0
0 106ms
77ms Preflight 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/log/add
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 03 May 2021 10:10:02 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://www.4bac.ro

POST
H/1.1 200
OK add Show response
o.wowreality.info/api/log/ 0
397 B 134ms
107ms XHR
text/plain 139.45.195.254
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://o.wowreality.info/api/log/add
Requested by: Host: static.lalaping.com
URL: https://static.lalaping.com/online.js?ver=2.0.0
Protocol: HTTP/1.1
Server: 139.45.195.254 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

Date: Mon, 03 May 2021 10:10:02 GMT
Server: nginx
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin: http://www.4bac.ro
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For
Content-Length: 0

GET
H2 200 IfNO7fD3QcDDTA7kYiRKbA3LyWGYOqu0bTZ2f0GuGs-O63vCOB8cqMhkC4vZDX8dz52GwBgnVUDfFrSlDzBw7hMUA3ZtFiz5d2UOweC0jYNn8F239ZGmvLzOX-emx4724Y_LKbEHuE1pNt1V0kgJT99Cwmit5qUMDL1wF-QNvq69MbKfGql5aLqrOqNV99MbwrX4O...
dutorterraom.com/impression/ 43 B
326 B 167ms
53ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/IfNO7fD3QcDDTA7kYiRKbA3LyWGYOqu0bTZ2f0GuGs-O63vCOB8cqMhkC4vZDX8dz52GwBgnVUDfFrSlDzBw7hMUA3ZtFiz5d2UOweC0jYNn8F239ZGmvLzOX-emx4724Y_LKbEHuE1pNt1V0kgJT99Cwmit5qUMDL1wF-QNvq69MbKfGql5aLqrOqNV99MbwrX4ORLJfA_06qGFPcxCzk6j8kS0tEpksnWcUlTYW5fcXRIzWJeiOYIGz6se_0GOmu3IOCFikb3e1Jr0V4O63uSjRf4_il-5EBr9a4wAvs-gqZq1jWoCm8wvjQ9KtJYrbBaO7LG4Ol0azWvzfvau-YmeKAeUG8DEOjo3RQxeswdq8lR1PBZ5sZarFJoFByKkUAtHWs4jjUZBFxnaP8L5KSpSYuhA2f3FRKLcm_zvJRlUyJNhXrdVo_n4Jerge36M-oCYgsKaNqk3nL15x7SgYDOH_fVJk9gOIgAlY-GFPmahabP3ZtkHNViWlRPyluTUn7KIHet6ojxzHR8KavJE5b53oTJpaULNEJYA-TtMt97HjYh1Q5JIcnrcuul9kn_uYdl1apQyGASJqtMAlJhiCzSRKiA8tpoXYc_WknDNjyhPjqASbTiXiKyIZqsixvYl7oRTXsAFKQnH4ub8H4ofjbCtBsi7ZrCS7TIeBrCpNIGRGiHbZ0ACbj0iQzg0V0LVDNhJ4Q==?z=4034747&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=4&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: d64342e393e1a82a376d4f8829d9ff1b
pragma: no-cache
date: Mon, 03 May 2021 10:10:05 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 0233580931136.png
static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/ Frame 5237 984 B
2 KB 54ms
54ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/71/cd/fb/7cff7dc62c19ac76e51aa9aa8e/0233580931136.png
Requested by: Host: inpagepush.com
URL: http://inpagepush.com/400/4034747
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:05 GMT
Last-Modified: Thu, 31 Jan 2019 10:53:19 GMT
Server: nginx
ETag: "5c52d39f-3d8"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 984

OPTIONS
H2 200 4034747
inpagepush.com/500/ Frame 0
0 52ms
52ms Preflight 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/4034747?excludes=8466921&oaid=50dc0284a35043908c156b55c3fea25c&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: http://www.4bac.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 03 May 2021 10:10:05 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: http://www.4bac.ro
access-control-max-age: 300
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *

GET
H2 200 4034747 Show response
inpagepush.com/500/ 4 KB
2 KB 153ms
153ms XHR
application/javascript 139.45.197.237
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: inpagepush.com
URL: http://inpagepush.com/400/4034747

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.237 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

7d6ef9d56e8ffa604ff04358e3cc3a750bb1f6af1be88b10bab7354ad2ca20f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-trace-id: bc0e94b207343ca64c69fcbad7ee6f9d
pragma: no-cache
date: Mon, 03 May 2021 10:10:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/javascript
access-control-allow-origin: http://www.4bac.ro
access-control-expose-headers: Link
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=1
timing-allow-origin: *
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 088308167711.png
static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/ 2 KB
3 KB 61ms
61ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/088308167711.png
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:05 GMT
Last-Modified: Thu, 15 Oct 2020 15:00:58 GMT
Server: nginx
ETag: "5f88642a-792"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1938

GET
H2 200 gw6hpFbSYe0D4smcupb-2vkoednc3sqOCVSNszoVhHAM3sZa_ABStQCX0D6HyzZZP4zc_aap1C3SZeneadqlLX57bMHfr4MmOWk4M4PyHWLuyM8doS9r4r8K2bKeiGoLJzdVr3xF-HjbP-2tY4tANCTGvkqYdDndaQi_IBOSB--rclMvsSoQonUft9Ni56_Kuxw_B...
dutorterraom.com/impression/ 43 B
325 B 54ms
53ms Image
image/gif 139.45.197.14
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dutorterraom.com/impression/gw6hpFbSYe0D4smcupb-2vkoednc3sqOCVSNszoVhHAM3sZa_ABStQCX0D6HyzZZP4zc_aap1C3SZeneadqlLX57bMHfr4MmOWk4M4PyHWLuyM8doS9r4r8K2bKeiGoLJzdVr3xF-HjbP-2tY4tANCTGvkqYdDndaQi_IBOSB--rclMvsSoQonUft9Ni56_Kuxw_B1ilsox3bKKCF573dimuC-v_AyOl4qYruh7esTDnrLDdcFSP1ahAl0qVTPLyAl0OJZS1FG_U79hGVkcuyUd4_HlWpX9S9ONEU4ghL_B_6tVJDxqJiYWPNUl54mjCa8BoHHGSgfEx8L4dZ5ie0AyrTXGQPRRwBXUTrvBCE-2TD3tcQ_xUmpVAXW-gSCUi_OOMmJXB32L66bqSqzXcSmKs68E7IMKWYWrR2eH60E_5kKsOZdDFcTHHhLBQiqA7Hchy1wnmEplDl9EHYYkCp_WwZPagHGuPgPDw5baGDzAtQSMbq8raGndilY9zIB0fO_PivVg1h2VyIOkF7eOUEqb74mIkdJMdgH_VZ1v8FenWy0fxNLrk13MuUqAef7G-I12UkveKe-YZQxf1bkvwYcoWg3S0c3UHXdo3FsWjilQ2eJ6WG-h6nWdtZmP7aWooktMnPo1fSQ0PBfFnKJMA-2vanD8cT3pLcdjL3JK-uAh8jaz4bgseMvSHvyVpwGMQyrez5Q==?z=4034747&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=5&pl=http%3A%2F%2Fwww.4bac.ro%2Fwp-content%2Fplugins%2Fwp-monero-miner-pro%2Fjs%2Fc.wasm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.197.14 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.4bac.ro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id: cf0eef1378bcd99d1daf05d4c374c686
pragma: no-cache
date: Mon, 03 May 2021 10:10:10 GMT
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: image/gif
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
strict-transport-security: max-age=1
timing-allow-origin: *
content-length: 43
expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H/1.1 200
OK 088308167711.png
static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/ Frame 5237 2 KB
3 KB 53ms
53ms Image
image/png 139.45.197.156
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.cdnativepush.com/contents/s/c8/31/02/6637d28225aaa1f4d7209ff892/088308167711.png
Requested by: Host: inpagepush.com
URL: http://inpagepush.com/400/4034747
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 139.45.197.156 , United Kingdom, ASN9002 (RETN-AS, GB),
Reverse DNS
Software: nginx /
Resource Hash: 64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 03 May 2021 10:10:10 GMT
Last-Modified: Thu, 15 Oct 2020 15:00:58 GMT
Server: nginx
ETag: "5f88642a-792"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length: 1938

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/recaptcha	1970-01-19 22:19:48	Name: _GRECAPTCHA Value: 09ANblmng-dClKFmG5S0kgTSwwN_QbMe2xIFmQp1ikVU5vDBaCiwrng9VlnTd81Z6_oLA0XYdCFEU-rxyyF1F-2_w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.4bac.ro/wp-content/cache/minify/11394.js(Line 51) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dutorterraom.com
fonts.googleapis.com
fonts.gstatic.com
inpagepush.com
my.rtmark.net
o.wowreality.info
phortaub.com
psaudous.com
pseepsie.com
pushanert.com
s.w.org
static.cdnativepush.com
static.lalaping.com
toglooman.com
ugyplysh.com
www.4bac.ro
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
139.45.195.254
139.45.195.8
139.45.196.195
139.45.196.203
139.45.196.204
139.45.197.14
139.45.197.156
139.45.197.237
139.45.197.239
139.45.197.254
192.0.77.48
2606:4700:20::ac43:4b21
2a00:1450:4001:800::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82b::200e
51.210.135.209
031f00b22a8c37dc6f3a8ea8e33f3d958a579bb1fcddc00c9409a24d1e07c259
06504473d183ffd328ec7e8ad1e28b2617a4780268baa6f6fda18cd4f55add8f
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ecf3c5357ea1a049a2f135864703992e689d7b257cf484bbcbd7c1ac72a23bc
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
1704b5646565ec4a94432bd3c4f016d8146b64bff6d07c2c1d32bada5619340e
18565760355c7624fd2f21c320e085b5f7f77d08db2032d6082b140ff787fc53
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1d6904cb79100a5ea2abb621de9114d14167531b0f422d7adc0c14d032b281ae
262084257c2103702ef8a25705e3f8dbc1fa3823103ad7b954d54bdb77e6d89d
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
28d1e81d89a6f46ca5a4fbf827d912bda38d176edc147fe9fd92af3150d45df5
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
29c50fa4422ac0a690af5b0987dee6a030a7eeaafa9dda8543cf022368f545aa
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
336854001de49d250757f5b5244231e3fe5e3afd6dbea204a8101223aea1a78d
3c794ed9998df8cdf623077dcf9df6523be8080fb2bfd82a61d5ab391ee58c02
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40e9c0f2ebc41712958541bee3b48aa744ef21a0ff1efc5c87d5d683e8f128e3
4444a536a1dce4dbb37bbadfe2b8e737fa9cba5e0cbdaa6c2008233d6a9a4a39
48a1d66a410f1d76e7bff28d4f21e9ad178bd9dbca87428a23f43be54ee8f8d7
4cfaa346d27cc09ed309b1a48daa61e9acbd3f75223b4499dcc87f95a2addebe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5a51b357c768228782497385c38589988bcac01cf249b2ea95d9c3ca9844a4c5
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
62dadcf91b790af18b75663d3b07dc5099824148a32cc71c8e4d8fa99aabc745
64c0bd3667e1ef5d9ab4faf2a92275cf9d89e9e839b94bd6adc92ac24a58dba0
659144b0ad99914f27725d8695e7458272e7c692e89b44f4991a8dcf445f03df
6a486bb6036ea984d293ab009566e99e522abc19f8833c5fd49630be7eba0135
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f282a3d60b3c61afd5e7a3843efca936a0dec2abda4fdca51fd749317e2adf9
74f8d63a84bdda05d28e970c9e0ffdea5e1a742e30fc76c3824d39e175162f79
759adda657ea2c76b5d42548a631b1a3ee2eeaa2f25e60ef5a889e0df782045b
764722003802d77f46c40955a188cbcaf3d36349fdf76d0f87b681f847e8e142
792299b2c2dfc23047d115d677cd5542b124e54b42059f14e9791f2a35112df9
7b23e3a7155161323573e58616ff1bfdaffd0560483db31315d181f6b394ddd5
7c45c9bf3189b8c7a74c01957bd346d229e623aaa4cc215560499e83887b2d10
7d6ef9d56e8ffa604ff04358e3cc3a750bb1f6af1be88b10bab7354ad2ca20f8
84e46b2ae828feabac27c21fad9dad37783272a921790c43af8b8923c8284e07
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd
904751006f9513d94c90a6dd12f7b9e6dc110271f758836fea23bfaf8fd30204
936d2dae38d7de796e6d7acf3ac437c27834877a34698de50f2080bac01534fc
943c44a0f3dc1aba84f5fbe8465baadbb90af66cd7be9f37ca07a39260357ad2
947dfab733138dfc7addde332760c72c8ac8dacad8d02340dbbd8a1ea3d1565a
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
9b9a7ec563b4bbcbe8812d7ea1f6464bb17769fb31df55c123e413a3a7e41705
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e611fba6a87626e60f74d361f0c94d1ba226bc0726a05791f40ddb7fbba2c4f
9f0624a5f72fa4c0942c21c83960fd1f80b6a49391d27a616a758b098672a00a
a9cac8d49feccd603bac334c92c1e7dd5a829a1c01d4130550e8c9c0d9c72f7b
ad3995ed8857c7c6c71609fb70c4c77bc564d9279424bc5b9945134720730d24
bec20adaf53a0573ead4dd69e2360e7a78341073cceb950949a64d60ef0a67e1
c0b7e9df4ef3ca68f067f7308179a859dfa7997a811c6ab95fc65937f0f0c54e
ca5a2dd010eee8bdeb4cb20ee8de3c366c636e67adc6cafde93d99a7037040c3
d32e38a74e431b76f4fe7fef3483ebe3aa2db680ee34b5c4ac48034fcdfcd451
d9ff36d920672b4076a5d58283d7a4332d094bbfcb2a8c146bc9311150e5c43c
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
e1426328bfdfe59b7ab725c1f0bef5cd6ca50a0ea3a2f9604f5b57d77799978d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47d7d9d873387860111154f98e0ea6d609ce0aeca4b4d80004265e2dc9e9619
e77ba28fdf6c8abf55065e430f522c8a375dadc2da6fc52378b55b3b78d73fec
ed765a4d319c31e0e74f1bfd259bf97f77b2f4b1d3a30245fd2885547334e193
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881

www.4bac.ro Open in urlscan Pro 51.210.135.209 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

85 Requests

66 %HTTPS

37 %IPv6

19 Domains

20 Subdomains

20 IPs

4 Countries

1306 kBTransfer

2938 kBSize

1 Cookies

3 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.4bac.ro Open in urlscan Pro
51.210.135.209 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

66 %
HTTPS

37 %
IPv6

19
Domains

20
Subdomains

20
IPs

4
Countries

1306 kB
Transfer

2938 kB
Size

1
Cookies

85 HTTP transactions
1 data transactions