firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 03 Oct 2022 17:16:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B7aUmP1rTNHe5mTD5R3POfrl-st1118pc9Vr03-wMvKyE2aRQceTqw==
Age: 3440
greenday.kz/wp-content/themes_05092022.zip
37.151.94.26 301 Moved Permanently 334 B URL HTTP/1.1 greenday.kz/wp-content/themes_05092022.zip
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 07db4a6ab9300f9a502ebb1088f6bcbb
eb2bfa693e29e0e596d715a1424fd3259c488ff4
68910fdc1986a8339ec2bfff31090f2a46872d2383bfd94de163302e470c712f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes_05092022.zip HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 03 Oct 2022 18:13:37 GMT
Server: Apache/2.4.7 (Ubuntu)
Location: https://greenday.kz/wp-content/themes_05092022.zip
Content-Length: 334
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4465
Expires: Mon, 03 Oct 2022 19:28:41 GMT
Date: Mon, 03 Oct 2022 18:14:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wcW06hbzgxy0k9UbjC4FTM9ckW6nETCdzTuHycMj_kQO4joSaeU8Cw==
age: 45949
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash 525d7ad7b08002d1aa578b02fca21a53
9ece64ba43b3b6fd9c801163b89609928e16869a
7f0bd4501da162e334a7a88df7ac1570342c30756e58be99b53b3cdc528faa6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7F0BD4501DA162E334A7A88DF7AC1570342C30756E58BE99B53B3CDC528FAA6C"
Last-Modified: Sat, 01 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6466
Expires: Mon, 03 Oct 2022 20:02:02 GMT
Date: Mon, 03 Oct 2022 18:14:16 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 03 Oct 2022 17:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 03 Oct 2022 18:14:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pVWqVbHv9LpW325MgfznWZ3VlbtwLyRLINilRnEcGO0usl9Yn9_kBg==
Age: 2683
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:16 GMT
Last-Modified: Mon, 03 Oct 2022 16:42:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.255.30 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2J6KMIJ0Vau+zxa/sgV7Uw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ELYZ75+K2z09jDqjy1Ru7OexUAs=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/themes_05092022.zip
37.151.94.26 404 Not Found 108 kB URL HTTP/1.1 greenday.kz/wp-content/themes_05092022.zip
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2497), with CRLF, LF line terminators
Size 108 kB (107724 bytes)
Hash c0916a47735d4c198ec37ae808ae8a66
8ff022737d4a40cb7923ed17234f378c12599400
03e38dace3685b5a08d8d10dea835bf08cb10d34801bd0ab5e910c31f1d8fda5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes_05092022.zip HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 18:13:37 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://greenday.kz/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
greenday.kz/hover/css/square-2.css
37.151.94.26 200 OK 1.8 kB URL HTTP/1.1 greenday.kz/hover/css/square-2.css
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with CRLF line terminators
Hash e3995cf11ffa82a71ffe228725107386
cbaa774811a0851fa3c5a80e8c1042af81226f23
0564364e5a4dcb3f42e648b8ea845bc21de4d93448c5290be2e460b0eec87fae
GET /hover/css/square-2.css HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:38 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "5b14-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1793
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
37.151.94.26 200 OK 890 B URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 77844a96d72d03c84c5e6970c1fe631b
5f02982c93cf4bf4f70d77ea6dfe04d2efcd9b81
0b5162518ddfdb56914db022a95c1a5eca3271ae2f062cfaa939cc5b7094d63c
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "fbc-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 890
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/hover/css/ihover.css
37.151.94.26 200 OK 7.3 kB URL HTTP/1.1 greenday.kz/hover/css/ihover.css
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with CRLF line terminators
Hash b28c5b0fdcf8c3e44d3679abe4883183
a05b93749b2357901ca2e4d64114a575f17b5282
eb884e4937d0658e2d20ec7451ed6c83da7d29f01fabf03481cf8c95299bff18
GET /hover/css/ihover.css HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "204a0-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7299
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/hover/css/caption.css
37.151.94.26 200 OK 2.9 kB URL HTTP/1.1 greenday.kz/hover/css/caption.css
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with CRLF line terminators
Hash b9cc7df9bdf4980f8010cadeb2240976
8b91b6d9ac1a3a54e7dc4d412364f26b560d78e7
d96738d0940162b10ec422c09f32b4f88e18c79c07c401b5795881ac777ee526
GET /hover/css/caption.css HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "9f3a-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2935
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/hover/css/others.css
37.151.94.26 200 OK 595 B URL HTTP/1.1 greenday.kz/hover/css/others.css
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type assembler source, ASCII text, with CRLF line terminators
Hash d5928806f7d2d393811dd2a310171dcb
2c18150669c2ec33e66bc4f3ccbeab0f95fc119d
81175932482fedd3d9ece6e5a8f9e035f609e48c4b7e984ffe4bf62929348d86
GET /hover/css/others.css HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "773-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 595
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/hover/css/custom.css
37.151.94.26 200 OK 284 B URL HTTP/1.1 greenday.kz/hover/css/custom.css
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with CRLF line terminators
Hash a1f37717adac5e2a97289ad11d585fff
909ae5fbc5d5a1da3b103713144655c0eb59d7e3
fbd0a07ed1aaaea65d795b83afbb8fb700c265e0a763fe2f4731766968ead2a0
GET /hover/css/custom.css HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "36e-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 284
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
37.151.94.26 200 OK 707 B URL HTTP/1.1 greenday.kz/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash ccdc593d466bc945aef979246f4b1cc3
5ecb2bdc44735a51f49a76af1ff98f9fd42971f3
5e911eb7601302c0b6bdef5afe445a8eef0053d29a8ee46874feb9f1e9e1123b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.0.5 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 13 Nov 2018 02:56:50 GMT
ETag: "76a-57a82f814c080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 707
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.0.3
37.151.94.26 200 OK 1.9 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.0.3
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (6875), with no line terminators
Hash ab3bd6e559d8dfc91c7da9860c8fad8e
81464b29a9bb32243dc74befa7c320535ae99a33
82daa5c17411fa915d49a0172617ccd16f6a6465919c917c73f5922a7ea9179c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.0.3 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "1adb-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1876
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=1.5.56
37.151.94.26 200 OK 1.2 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=1.5.56
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (10538), with no line terminators
Hash 837c0d21a902df46727d6de1efeeb2c9
9679a0805eeb1b9da1a2f13b5e3be85264ebc095
f6f28050b77905430e538eb7ea3f679e55943c28ceb3f9008067b4df6ef57237
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=1.5.56 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "292a-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1229
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.56
37.151.94.26 200 OK 6.4 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.56
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (41763), with no line terminators
Hash a1755ec949fe53cf6f7fd3a2ee4f35d3
8f3ab5d7fd2b5b0a2758beaf177d04bb98c0e5c2
c5d7e681ffe58dd45ef7886e5906662a5aa9f264a0130dbcb3e67895956f369a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.5.56 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "a323-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6357
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.8.0
37.151.94.26 200 OK 2.2 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (16542), with no line terminators
Hash 7e972f6c1b2623731f8a00bac6c27b89
c74dbad6d727697f8a479e8928da654273abdc4b
56a3d5d9f218531f5135906f5c15990ae8a70bd8d09abe40588bab417504ee8e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "409e-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2157
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=UA-139245942-1
142.250.74.168 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-139245942-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash d9771e03ef4bc4492ff29ca4540cd2be
ac9db3ae35869b92e1e6df8d07647a458ab8c023
bb9941981f1ecc384d4c0c1ed8dd44ba915c696a3b227820911da5a80ab8e94a
GET /gtag/js?id=UA-139245942-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 03 Oct 2022 18:14:18 GMT
expires: Mon, 03 Oct 2022 18:14:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42352
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.0
37.151.94.26 200 OK 8.8 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type Unicode text, UTF-8 text, with very long lines (62655), with no line terminators
Hash ae602d7a441a68e36c75e028185bdc25
37a6b28345ae2fd0f43450a0695760698eba5014
ea11c686069d234f068929171313ff8c0c2366f6579b78a95a2e014271b3d3b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "f4cd-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8820
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/wp-post-modal/public/css/wp-post-modal-public.css?ver=1.0.0
37.151.94.26 200 OK 1.3 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/wp-post-modal/public/css/wp-post-modal-public.css?ver=1.0.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 5b71c9710a2b9384951336b088e60ea0
710907ab00ede6547ff241d7d75b01a953685bb3
a20790bc76ff4e01b172903b702e4f461e43451f5df6c9efcd06c2ec3c4d41e2
GET /wp-content/plugins/wp-post-modal/public/css/wp-post-modal-public.css?ver=1.0.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 24 Dec 2018 02:50:24 GMT
ETag: "1187-57dbba8913c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1287
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.1
37.151.94.26 200 OK 217 B URL HTTP/1.1 greenday.kz/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (426), with CRLF line terminators
Hash fa901de972b70fa8052029f9a1cebbe9
e849d36762e08b95c547fe182c7de8d51c3f1bcd
678fd03f093a04bd8aad3974bec13c39353e537c7ed55d3b66c022b7e74dbe8c
GET /wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.min.css?ver=2.0.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 07 Nov 2018 22:28:16 GMT
ETag: "1ac-57a1aa267c000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 217
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.0.16
37.151.94.26200 OK 322 B URL HTTP/1.1 greenday.kz/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.0.16
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash af355be370a655330a6b09ef74cea144
21d2ca3bffdc495b1680d912027b3724ae3457f5
cee90b204faf502c4f2613e85efae07424662c5f39df6f2adb8f08a7c8a5a46b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.0.16 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 14 Nov 2018 00:57:54 GMT
ETag: "307-57a956c956880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 322
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.0.0
37.151.94.26200 OK 2.5 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.0.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (11276)
Hash b05acb61dc0d58f62f93cf72bc94e02d
62babbf44839ef0fbd07945b3ecfc6e2e4b214e3
714e518f5ea74ab1c0736e38ac00a0451043b72699e95dc485007a17139f2d79
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=4.0.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:10 GMT
ETag: "2c39-57b0b6735f780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2503
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
37.151.94.26200 OK 7.1 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:10 GMT
ETag: "7918-57b0b6735f780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/uploads/elementor/css/global.css?ver=1544077940
37.151.94.26200 OK 698 B URL HTTP/1.1 greenday.kz/wp-content/uploads/elementor/css/global.css?ver=1544077940
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (4913), with no line terminators
Hash 3a008b76de514da904476718ede5ab61
2661ade4d764d373defd72995962632cde27960a
5610d747fa1e75621a6c02bb0babb76366cd52db29f7bca9d75a78ca49eede06
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1544077940 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 06 Dec 2018 00:32:20 GMT
ETag: "1331-57c4fa1a8ad00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 698
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.3.2
37.151.94.26200 OK 2.6 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.3.2
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (10019)
Hash 0ea81c35141c6a4692506e4fe8d36edb
392c5f96995e66d74c27ed5a42f93169c2f32d18
b7488fd21ad73e483cdcaf42097ea7787ffe0616477e29a537f53f6064e321ab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=2.3.2 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:12 GMT
ETag: "4824-57b0b67547c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2592
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/uploads/elementor/css/post-1018.css?ver=1634612007
37.151.94.26200 OK 641 B URL HTTP/1.1 greenday.kz/wp-content/uploads/elementor/css/post-1018.css?ver=1634612007
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (7943), with no line terminators
Hash 49a77bdb0586ac9834adc8e722962e8f
bccc643ff8104f69b37160526a5ba8701f83fdd5
f0fe1530181daf7445b839240178d45e0a68b0c33b0052a7b3fbcd3b0678ddbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-1018.css?ver=1634612007 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 19 Dec 2019 23:37:04 GMT
ETag: "1f07-59a1709dda800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 641
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/themes/idyllic/css/responsive.css?ver=4.9.8
37.151.94.26200 OK 2.9 kB URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/css/responsive.css?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash fe2c5dfdc50043328890dca7d0853897
95ee40809115929044d2984a4cd8afe0bb6b14a3
b0d33fa9f07052e52451383ff2aa33d3f8d917aba293d14881fbbbc47ed346e2
GET /wp-content/themes/idyllic/css/responsive.css?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "3684-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2920
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.min.css?ver=1.7.0
37.151.94.26200 OK 394 B URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.min.css?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (2709)
Hash 50ae458e505b8327887563701725de10
832c7d5c1dbdd9fea4336f842c568097630fb20e
f13a9aa71261f43455f72b2c50e7d733edab82de661b18d6bf2ccbe8548aa229
GET /wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.min.css?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "a96-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 394
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.css?ver=1.7.0
37.151.94.26200 OK 1.1 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.css?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 7ae78055a0ae6aef4ec59f7fe1f3b49c
cfd5db19779e0a21652596f85f66aabbbb5a8b2a
1dd9ed5a90a4416e6048bc3c84ab5ff52771c63964c9d77fd1ccd76932650803
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.css?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "f3a-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1135
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.3.2
37.151.94.26200 OK 13 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.3.2
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (65497)
Hash f401009251a207bccf1f3ebbe9651319
552aa4ed9442b5017b33677c8f549560fb209c2b
cf09908a54a64a89c196de682a8366bff6f9d995b84ac60f6e6519c3ae22c29b
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=2.3.2 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:12 GMT
ETag: "168d3-57b0b67547c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12877
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/css/quadmenu-normalize.min.css?ver=1.7.0
37.151.94.26200 OK 1.3 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/css/quadmenu-normalize.min.css?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (4407)
Hash a8642edbe85f42f32689a8e26586041f
298dce693ba7ae465cb32d0225f3d372fd42512e
653f733c9020cad4c48848643976a5a3eedfff2953de517a397a9f0a98973c09
GET /wp-content/plugins/quadmenu/assets/frontend/css/quadmenu-normalize.min.css?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "1138-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1253
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/themes/idyllic/style.css?ver=4.9.8
37.151.94.26200 OK 22 kB URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/style.css?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type Unicode text, UTF-8 text, with very long lines (1477)
Hash 24a4f235c1c5d824eeaa3537a2530f09
64dcd24c57f479ffc50a5dcc769f4ef38bbe1c0a
d38b8e2eb5bccde82f980089a70ba0d3a573bfe169959d5809e465dc1e44aeaa
GET /wp-content/themes/idyllic/style.css?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 25 Jun 2020 04:25:30 GMT
ETag: "1e4d0-5a8e0fb8cc280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 22440
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5ba23234dfb31276cc3bf9a347508595
a225d0a9ecf5d7f0032816c6f3d4a5ae1f3b27a3
33558bed4856ac3f2a7267965521b316ccd3ccc669877994c6c590e2d2a1b559
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
greenday.kz/wp-content/uploads/idyllic/quadmenu-widgets.css?ver=1561516112
37.151.94.26200 OK 2.3 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/idyllic/quadmenu-widgets.css?ver=1561516112
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 639494b953baf5f4e3faf71a6835fc9d
8b23e3880381d3d0848e3954c8b57fecf3a880cb
d85a52fab581e90e5b1341684e3cc2653fe74ae3411ebfcd65ebcf68d5cea046
GET /wp-content/uploads/idyllic/quadmenu-widgets.css?ver=1561516112 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 26 Jun 2019 02:28:32 GMT
ETag: "4040-58c30cd2ab400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2309
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/css/quadmenu.min.css?ver=1.7.0
37.151.94.26200 OK 13 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/css/quadmenu.min.css?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (65535)
Hash 71f684d3485eba19b58965f2a94120cb
de8b170b01dafa7c986ac11a32032c00402e1328
5a9cf571f3060e9fd17a9c13c36790520f6a785dc403c4b9a88b0daab38ffeda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quadmenu/assets/frontend/css/quadmenu.min.css?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "1371a-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12564
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6511
Expires: Mon, 03 Oct 2022 20:02:49 GMT
Date: Mon, 03 Oct 2022 18:14:18 GMT
Connection: keep-alive
greenday.kz/wp-content/uploads/idyllic/quadmenu-locations.css?ver=1561516112
37.151.94.26200 OK 4.3 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/idyllic/quadmenu-locations.css?ver=1561516112
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash b707cca18a3d6336b9a107ce943e9336
bb2909dc942fd6fc46cd9016c025955de59ba554
8175bdb9b705c6e3b225a8b8803fd1edf3268db3e14b1ffe8efd62692e04334a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/idyllic/quadmenu-locations.css?ver=1561516112 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 26 Jun 2019 02:28:32 GMT
ETag: "bc48-58c30cd2ab400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4267
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 721a8d8f94c3796abf021978fcdbc831
3fc3aeae907a0ce0db21753c67c1000681e48b8e
cb497b15e7c2e49930b99f8d6659f0394acefb7b11613ca04397ee782dac759d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98a090b5-0736-4ddd-b6ca-3c76661e7051.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8158
x-amzn-requestid: 424c8c6c-7075-4ace-97e6-2b0a609d1b7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXDxGRlIAMFZrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-046d963a345c15e81dc74e4d;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aFBTRAsXhi4io7fSc02hftf9hRQ-J5yaBgU4Wgwijyir30xjTjdMLQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 73662
etag: "3fc3aeae907a0ce0db21753c67c1000681e48b8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.249200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6511
Expires: Mon, 03 Oct 2022 20:02:49 GMT
Date: Mon, 03 Oct 2022 18:14:18 GMT
Connection: keep-alive
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/icons/eleganticons/style.min.css?ver=4.9.8
37.151.94.26200 OK 4.2 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/icons/eleganticons/style.min.css?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (21769)
Hash 31bf8313373f76ba6691b2f1ef96599d
e71e2b5a49a1ae283e5e08f70f4830f72f0b8f74
4694e98d8bb88adde98342aa948aa2c60ae137e53522e395202db47f85785711
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quadmenu/assets/frontend/icons/eleganticons/style.min.css?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "550a-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4168
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed17699f6b123b33b8df416b23c4cac
36458cca636c4ffc873df8acd254ff726b1a9544
65dac85ddf2d9918696ea270a5a3d034e07e43ca5714f169747feee09fc4b897
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F954ddf3b-951c-46b3-a8ce-00e3bd3ef239.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10490
x-amzn-requestid: a7e4d6b4-be77-41a9-94dd-83167d5b002e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5tUrE72oAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d5c1d-1ba0805b629e657b60ff1b85;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 07:11:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DZ6ZMlje50ktV6_cABRx3fr4Dke7Z2UhNhBDi1aCK00kRPTlnG691A==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 03:36:14 GMT
age: 52684
etag: "36458cca636c4ffc873df8acd254ff726b1a9544"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=1592813645
142.250.74.10200 OK 8.9 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=1592813645
IP 142.250.74.10:0
Hash 1979278f54ffe38db97c3c3244d2b9a5
da645ce97f9e8cdfbeac097012a10e6c4344271b
c90cfeabc74a9512928843ef215c8bc3303be7ecbafe8900bc9e713c261954dc
GET /css?family=Open+Sans&ver=1592813645 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:18 GMT
date: Mon, 03 Oct 2022 18:14:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 04:42:51 GMT
age: 48687
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 523edd86af4757d0bc5fa5b3b8a3596a
8118ee462077c291b9d6f1402b85b55a9ceba8c2
c27de9970317636df8c4a517a9ed38e573235b351bf92c9b8bb1f964cd100031
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd0be942-f345-4da4-974e-a9fe16b90b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9083
x-amzn-requestid: fda71fd3-ef25-4a63-94ae-1bfc8aef8d14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZXD2H0DIAMFjrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a054b-198915fc17ce3dab571b7575;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:40:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BobS2JU-TqDuL8q31SVlerM15cRoMhL1oM5MkL7MVhY9RZG_Ukp5yA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:46:36 GMT
age: 73662
etag: "8118ee462077c291b9d6f1402b85b55a9ceba8c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Arimo%3A400%2C400i%2C700%7CLustria&ver=4.9.8
142.250.74.10 200 OK 12 kB URL HTTP/2 fonts.googleapis.com/css?family=Arimo%3A400%2C400i%2C700%7CLustria&ver=4.9.8
IP 142.250.74.10:0
Hash 8085268921c01a1897b524a835525000
99eba763e57ba209574fec511705701e0e35a091
9ae1b770b20152fa41820ab7baa43ba3b3cb106f2011619caf1f12c7f3fc6ca6
GET /css?family=Arimo%3A400%2C400i%2C700%7CLustria&ver=4.9.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:18 GMT
date: Mon, 03 Oct 2022 18:14:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
greenday.kz/wp-content/uploads/titan-framework-mobmenu-css.css?ver=4.9.8
37.151.94.26 200 OK 355 B URL HTTP/1.1 greenday.kz/wp-content/uploads/titan-framework-mobmenu-css.css?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1268), with no line terminators
Hash 180983a6dac7156649e3a06f5018baae
1c861d78dbccca9d1316c90090f8ccbc9306ed72
dbf81d5a6073be68f9e6d3fdad5e016dbb789a60b4e26f0fb79ac8fde65556f6
GET /wp-content/uploads/titan-framework-mobmenu-css.css?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 03 Dec 2019 05:38:02 GMT
ETag: "4f4-598c6197b2280-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 355
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6511
Expires: Mon, 03 Oct 2022 20:02:49 GMT
Date: Mon, 03 Oct 2022 18:14:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6511
Expires: Mon, 03 Oct 2022 20:02:49 GMT
Date: Mon, 03 Oct 2022 18:14:18 GMT
Connection: keep-alive
greenday.kz/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=4.9.8
37.151.94.26 200 OK 997 B URL HTTP/1.1 greenday.kz/wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 6aa020d8afa71fa1876b342b072ddcd0
f8559cfa3ffd0c52992c1999ac9758101a8ae16e
044f816562520130b2dbaa04f7f100405c0e1850b9f14b16075acd19145451b6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/mobile-menu/includes/css/mobmenu-icons.css?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 29 Oct 2018 03:05:38 GMT
ETag: "bf3-5795557eec480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 997
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.249 200 OK 503 B IP 23.36.76.249:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6511
Expires: Mon, 03 Oct 2022 20:02:49 GMT
Date: Mon, 03 Oct 2022 18:14:18 GMT
Connection: keep-alive
greenday.kz/wp-includes/js/jquery/jquery.js?ver=1.12.4
37.151.94.26 200 OK 34 kB URL HTTP/1.1 greenday.kz/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (32077)
Hash d417f4d673009b01654915bbf1f4f872
f432ea8e89e5f4ef50e506019899e539a068f415
24560d81ded58e8befabf32ff51f5b6ae6f21eead0a5f87c255e3b47b988d1cc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 20:44:08 GMT
ETag: "17ba0-574e97c781600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33766
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/favorites-posts/favposts.css?ver=1.5
37.151.94.26 200 OK 461 B URL HTTP/1.1 greenday.kz/wp-content/plugins/favorites-posts/favposts.css?ver=1.5
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with CRLF line terminators
Hash 3d7b83892a63c1a2bc6bee8e00f0487a
d2fe18a55b1faf87655e79149563e492ce647a0b
ad3c8c821351cea426924e0b9dc0cdd418d93d27580fad6577fc5c5f29d259e2
GET /wp-content/plugins/favorites-posts/favposts.css?ver=1.5 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 13 Dec 2018 00:17:30 GMT
ETag: "74f-57cdc3d7ffa80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 461
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
37.151.94.26 200 OK 4.0 kB URL HTTP/1.1 greenday.kz/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 20:44:08 GMT
ETag: "2748-574e97c781600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4014
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
37.151.94.26 200 OK 7.4 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 4d4d57e417715717bc062849cde5fc1c
ed29086757c74aa094bee6cab4e7d49b526d1f88
263ef5bd84d5ca78e4d016226981ed31de2928e872f5c7cb4c04d505ede65f36
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.0.3 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "6b9f-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7420
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2
37.151.94.26 200 OK 2.5 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (6322)
Hash cba2501c2a575e931b982fec7a394b81
2a51a1710e57fe72144ca7073e208e36d6671037
266ef3e77575eb4b87e69ba86f05663a9b0e59a64e9250ffd3618037ec4a811d
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.3.2 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "1912-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2473
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.56
37.151.94.26 200 OK 6.1 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.56
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (24110)
Hash 7ab8d3ba1d5a2f96626648b90fdc55c5
558a2a26ffdaf36cc5d4edac62c7d680f2fa7910
69d9815a8ea613418eb73030fdc9f746802282ca698358fbb7bf9b9b817e6c63
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=1.5.56 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "6250-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6141
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
37.151.94.26 200 OK 2.4 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 3660ed0dad6b177c75566ccbb29bc8c6
2052a9f732f54ab07897613c8b9e83d243c4abe6
66c7cad3cdefc5f66401cdbdb146884b927ba31b8f4c0e27a8f5bd58c7a004d1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen-0.4.1.min.js?ver=0.4.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "1dcc-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2443
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/hover/js/modernizr.js
37.151.94.26 200 OK 6.2 kB URL HTTP/1.1 greenday.kz/hover/js/modernizr.js
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type HTML document, ASCII text, with very long lines (14592)
Hash 0a732dd0a26bbdfb3a875078e2b7aeb3
6c6313c8a1c1a7cdf497181168321a80669185af
337048d7ac0999d95bcb0d0209ac73abed0259eefaa28f975385c450c2dd1756
Analyzer Verdict Alert fortinet Malware
GET /hover/js/modernizr.js HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 03 Apr 2019 08:06:46 GMT
ETag: "3b8b-5859bbc1d1180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6189
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/wp-post-modal/public/js/wp-post-modal-public.js?ver=1.0.0
37.151.94.26 200 OK 2.8 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/wp-post-modal/public/js/wp-post-modal-public.js?ver=1.0.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 76afb861084dc4ee89a9dc9027cd70e2
2259964f22902df057c67361ee47e13401bf7683
8dbf299f4cdc70c31f4f461742d44e9873383f2169e6ef96211a4b6eb9f1a375
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-post-modal/public/js/wp-post-modal-public.js?ver=1.0.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 23 Dec 2018 22:54:22 GMT
ETag: "3101-57db85c724380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2792
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
37.151.94.26 200 OK 4.0 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash cc76150566e288ba52c395d105fc43e1
512f5dd7dd49dc388f095dcde797f442b66b98d1
ab81562eb44e8846c82a44f1157ad551e3c6cd33a4b7e55c32be48a00d0a5565
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.5 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 30 Oct 2018 05:32:46 GMT
ETag: "3976-5796b83f6bb80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4047
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=4.9.8
37.151.94.26 200 OK 1.8 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Hash 796d2bdbbabe221056c303f3c0eb8ae5
bee7702a8f8693aafe59cddb48fa65f3c3ad2883
07af6de5aec754caf08403d20341f3d1a76ddb4725290bdd8f6c58ebf7f1ca18
GET /wp-content/plugins/mobile-menu/includes/js/mobmenu.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 29 Oct 2018 03:05:38 GMT
ETag: "2187-5795557eec480-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
37.151.94.26 200 OK 3.5 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (9172)
Hash c5ed233484e496839d8a5c379017e476
2c281f9e4e88b9f64f97c20ddcb1003064705bca
7e7f8ed6d44a1fc906799b6c41f26575b45176b5abb8ff093bb8fe0babd7c078
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "255e-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3533
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.56
37.151.94.26 200 OK 28 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.56
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (65536), with no line terminators
Hash 09c78a74854e09d626461f3bec0b7077
2ad837b39bdb0501b6f5b262eff2f6f520a25de6
7b138085d5176dbd4ca455f3d4f781666979eaa764785792cf22365e9b068cc6
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.5.56 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:39 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 17 Jun 2020 02:24:16 GMT
ETag: "273a2-5a83e5b415400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 28103
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.0
37.151.94.26 200 OK 1.0 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type HTML document, ASCII text, with very long lines (2750), with no line terminators
Hash 1b8fe2644fef57191ece9c6b91548028
9f6dbeab0f48032a1985662e325a7d2b02370290
6d8ec46817a79a5d60f41727cd986f94cdc4543092041a34d0c7c3b1d875161d
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "abe-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1017
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.1
37.151.94.26 200 OK 739 B URL HTTP/1.1 greenday.kz/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1933), with CRLF line terminators
Hash 92aa4911ad098243e1ad9da930b4e729
2d3dc3746b38d646e33661e503d64dab4d63f3c6
7ca963c081d82031731755fa3048516635b31c826d14224397722875b06881c6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.min.js?ver=2.0.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 07 Nov 2018 22:28:16 GMT
ETag: "78f-57a1aa267c000-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.0
37.151.94.26 200 OK 619 B URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1472), with no line terminators
Hash e5cffe0bdc96a56424c5fb6c192274d0
53ee24a03f243c428a4460dac7da2862ce1800e8
5ab78456ac52f7b3e26e317fa2816d25fe113cf1f0af71adac416773c9e20851
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "5c0-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 619
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
37.151.94.26 200 OK 981 B URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1680)
Hash 2238631cf6be3be50e2ab84374f6381d
f1525686e4d6b7d39727aaf30db49ac9b2bc3fa8
8e46659318c5590dc20944c2d2464b93a06a89e0a4f7353112da4cf06bc213e6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "736-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 981
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.0
37.151.94.26 200 OK 1.0 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (2940), with no line terminators
Hash e02277bbb27796df7a21fbecacff427e
89ae0705044f9532359034bfb9a6c462d9fc07a9
2176445638719be847e19c307532a59b3d31ec744268b6e261dd324d9913f1d4
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "b7c-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1042
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Hash 6dea752293556883fdae057d588b0bb1
e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 17:03:18 GMT
expires: Fri, 29 Sep 2023 17:03:18 GMT
cache-control: public, max-age=31536000
age: 349861
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10dxCF8jA.woff2
216.58.207.195200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10dxCF8jA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13192, version 1.0\012- data
Hash 7dbb88afac91edf54c262cc18d4c48da
e77d16c6a9530538a899121a0b5bda26c817ce41
6757eb05baeacae26320f55183f3bf0cbb184a9961e163fd9f852b4f1fdf3754
GET /s/arimo/v27/P5sMzZCDf9_T_10dxCF8jA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13192
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 30 Sep 2022 15:44:45 GMT
expires: Sat, 30 Sep 2023 15:44:45 GMT
cache-control: public, max-age=31536000
age: 268174
last-modified: Mon, 11 Jul 2022 21:03:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic&ver=4.9.8
142.250.74.10200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic&ver=4.9.8
IP 142.250.74.10:0
File type ASCII text, with very long lines (1593)
Hash 8003308e7bd4520a35334d0de1d2f3c4
a8bec0076f161c05d8b9e92fa4ef117eee3dce2a
e788dfabfde1721872dbae839f3d9371aa8278c0ef8f65825abfffb12766afbf
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=cyrillic&ver=4.9.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:17 GMT
date: Mon, 03 Oct 2022 18:14:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:53:39 GMT
expires: Tue, 26 Sep 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 602440
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 227124
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
216.58.207.195200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10652, version 1.0\012- data
Hash c010b23b2704126796a794818ca777fb
41d3c9ae6692a1ca032d420646cc49b395fb4c96
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10652
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 18:57:55 GMT
expires: Tue, 26 Sep 2023 18:57:55 GMT
cache-control: public, max-age=31536000
age: 602184
last-modified: Mon, 15 Aug 2022 18:11:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8
142.250.74.10200 OK 570 B URL HTTP/2 fonts.googleapis.com/css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8
IP 142.250.74.10:0
Hash 8f90ed3b5e6e076711147216501339d3
95d7cb3259837875a2d7a18c6faed590f71517be
1e5c8f0c3fdba3529b8af4b9571026edf7fc4504a5ffa7b4c29eeb0575cbcfc3
GET /css?family=Dosis%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:17 GMT
date: Mon, 03 Oct 2022 18:14:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8
142.250.74.10200 OK 2.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8
IP 142.250.74.10:0
File type ASCII text, with very long lines (4325)
Hash fc3fe1c490049e0dda15fd56dcfc0acc
879d152cef6f9d4411bcd60ccf76f4b1774f0870
49c240fdc670a929314c180b8ec6002c1d1219b1cb7c4227b01ce6d746868b27
GET /css?family=Roboto%3Ainherit%2C400&subset=latin%2Clatin-ext&ver=4.9.8 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:17 GMT
date: Mon, 03 Oct 2022 18:14:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
greenday.kz/wp-content/themes/idyllic/js/jquery.waypoints.min.js?ver=4.9.8
37.151.94.26200 OK 2.8 kB URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/js/jquery.waypoints.min.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash fb1c91e72b022567c85bc02b5c7976ef
ac47fdab02602cd76bc9e48810555632ae22f49e
38fd030c8515c2a733309592e3e58db3554429c3654570e9912205484e69584b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/idyllic/js/jquery.waypoints.min.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "2344-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2753
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
getbootstrap.com/2.3.2/assets/img/glyphicons-halflings.png
104.22.58.100200 OK 13 kB URL HTTP/2 getbootstrap.com/2.3.2/assets/img/glyphicons-halflings.png
IP 104.22.58.100:0
File type PNG image data, 469 x 159, 8-bit gray+alpha, non-interlaced\012- data
Hash 2516339970d710819585f90773aebe0a
84f613631b07d4fe22acbab50e551c0fe04bd78b
d99e3fa32c641032f08149914b28c2dc6acf2ec62f70987f2259eabbfa7fc0de
GET /2.3.2/assets/img/glyphicons-halflings.png HTTP/1.1
Host: getbootstrap.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/png
content-length: 12799
x-origin-cache: HIT
last-modified: Mon, 03 Oct 2022 07:55:35 GMT
access-control-allow-origin: *
etag: "633a9577-31ff"
expires: Mon, 03 Oct 2022 08:07:46 GMT
cache-control: max-age=14400
x-proxy-cache: MISS
x-github-request-id: 0815:020D:17CC95:1CE2D4:633A95FA
via: 1.1 varnish
x-served-by: cache-mel11255-MEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1664784190.283766,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: dd4baee5743f7c2eeccf1e65ec43181fd4670f3f
cf-cache-status: HIT
age: 4
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7547a821cbbfb509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
greenday.kz/wp-content/themes/idyllic/js/jquery.counterup.min.js?ver=4.9.8
37.151.94.26200 OK 852 B URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/js/jquery.counterup.min.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (2181)
Hash ca5469ea6cc1d91da4306a0d8e99af7d
3928aa77c7f9cc5be40271606e034941805fb87b
648d1cf71ab891b4acb77cb1af10c3b0ba75a0c43535d289d62f972a08247870
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/idyllic/js/jquery.counterup.min.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "886-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 852
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/themes/idyllic/js/navigation.js?ver=4.9.8
37.151.94.26200 OK 633 B URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/js/navigation.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1541), with no line terminators
Hash c5bd6e16cbaec983990d72c049a06db6
78e8e307813258687a1eb0a838815f8d81598ad9
2edbb98aa429a47d46216601df3d4b88da7c0968e9211f1aaa029364bcc03729
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/idyllic/js/navigation.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "605-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 633
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
142.250.74.10200 OK 7.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext
IP 142.250.74.10:0
File type ASCII text, with very long lines (22239)
Hash 757c0fb750ac42aa99780debf16e49d6
426f8453ecf4968d7f5c17c5c71ee0f3081abc7b
953d4f3bdcf0eb0fa886e7a0b8e04cfa0613c260f3230bb6b94735828a919033
GET /css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:17 GMT
date: Mon, 03 Oct 2022 18:14:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3ac4095580b6b57a620c4d5cde48c990
079c6c5834e6412236fe9be5c76544043dfe998d
5e8b685f46b377e7d3482b7fe521e348e7a1c1041002e2fe974d6b35d6b45bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 17:57:43 GMT
ETag: "079c6c5834e6412236fe9be5c76544043dfe998d"
Last-Modified: Mon, 03 Oct 2022 17:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a82249820b49-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3ac4095580b6b57a620c4d5cde48c990
079c6c5834e6412236fe9be5c76544043dfe998d
5e8b685f46b377e7d3482b7fe521e348e7a1c1041002e2fe974d6b35d6b45bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 17:57:43 GMT
ETag: "079c6c5834e6412236fe9be5c76544043dfe998d"
Last-Modified: Mon, 03 Oct 2022 17:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a8224c8eb517-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3ac4095580b6b57a620c4d5cde48c990
079c6c5834e6412236fe9be5c76544043dfe998d
5e8b685f46b377e7d3482b7fe521e348e7a1c1041002e2fe974d6b35d6b45bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 17:57:43 GMT
ETag: "079c6c5834e6412236fe9be5c76544043dfe998d"
Last-Modified: Mon, 03 Oct 2022 17:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a822599f0b49-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3ac4095580b6b57a620c4d5cde48c990
079c6c5834e6412236fe9be5c76544043dfe998d
5e8b685f46b377e7d3482b7fe521e348e7a1c1041002e2fe974d6b35d6b45bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 17:57:43 GMT
ETag: "079c6c5834e6412236fe9be5c76544043dfe998d"
Last-Modified: Mon, 03 Oct 2022 17:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a82259871c0e-OSL
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.20.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.20.226:0
Hash 3ac4095580b6b57a620c4d5cde48c990
079c6c5834e6412236fe9be5c76544043dfe998d
5e8b685f46b377e7d3482b7fe521e348e7a1c1041002e2fe974d6b35d6b45bea
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:19 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 07 Oct 2022 17:57:43 GMT
ETag: "079c6c5834e6412236fe9be5c76544043dfe998d"
Last-Modified: Mon, 03 Oct 2022 17:57:44 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 5
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a8225cb0b517-OSL
greenday.kz/wp-content/themes/idyllic/js/flexslider-setting.js?ver=4.9.8
37.151.94.26200 OK 461 B URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/js/flexslider-setting.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1584), with no line terminators
Hash a730af64ba2fb2950560ee4295ae1c88
654bfd4ff26543b4bbc7b9440459519a081d81b1
094a9c1cff9159fe8a5f962afaf7b974ee70678f9cd2f1f075830644e9652985
GET /wp-content/themes/idyllic/js/flexslider-setting.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "630-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 461
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/themes/idyllic/js/number-counter.js?ver=4.9.8
37.151.94.26200 OK 145 B URL HTTP/1.1 greenday.kz/wp-content/themes/idyllic/js/number-counter.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with no line terminators
Hash 988a17fc7b2e6101c0dd777c7fedfa07
c8863f5cc25a4b3c7c16145a010868a6af1794ac
bfa77360def6c8fa0221253a0882c096b48475c489098824b62c0e19a87ab2a4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/idyllic/js/number-counter.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 12 Sep 2018 21:44:08 GMT
ETag: "9a-575b37d757a00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 145
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.jquery.min.js?ver=1.7.0
37.151.94.26200 OK 7.5 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.jquery.min.js?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (29764)
Hash 8b94821a23cd53c972c7b605f202c3a3
216d2389e397cf08edf4ba71e9a766252ccd71c0
be053cdbf6cb740a5ee98194affe31759c980c881c3ff88dac5aa604ddf308aa
GET /wp-content/plugins/quadmenu/assets/frontend/pscrollbar/perfect-scrollbar.jquery.min.js?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "7445-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7488
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.js?ver=1.7.0
37.151.94.26200 OK 12 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.js?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (34964)
Hash f124d51d5ed9e16349e30394c7d43ecc
613a3984ee3c0126b06a4cace9f87644d500ab4c
ae002852f6c494d3dd33d26261f0a1ebadebf78e7003128500710a0e04f75413
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/quadmenu/assets/frontend/owlcarousel/owl.carousel.min.js?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "bc86-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11823
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-includes/js/hoverIntent.min.js?ver=1.8.1
37.151.94.26200 OK 479 B URL HTTP/1.1 greenday.kz/wp-includes/js/hoverIntent.min.js?ver=1.8.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1115), with no line terminators
Hash 5717046c2e00737aa66fe59faa0a8d06
375a19a99a96bb547b60e3b0f56ba0757b44aced
c0ef618b9d4e938a55352c6c30a56c82a11d5f40a71b81147cbb94f1b13d1cb0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.8.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 20:44:10 GMT
ETag: "45b-574e97c969a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 479
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/quadmenu/assets/frontend/js/quadmenu.min.js?ver=1.7.0
37.151.94.26200 OK 7.7 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/quadmenu/assets/frontend/js/quadmenu.min.js?ver=1.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (31477)
Hash f04875a35d3e6d695db17694f76b4fc4
953e9536502710a387178fe66a0faf48a390111b
989d263c770ce467b913b95a44c531015eda70888555be672b11a24aaced7264
GET /wp-content/plugins/quadmenu/assets/frontend/js/quadmenu.min.js?ver=1.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 29 Nov 2018 22:35:40 GMT
ETag: "7af6-57bd54d60e700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7652
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-includes/js/wp-embed.min.js?ver=4.9.8
37.151.94.26200 OK 751 B URL HTTP/1.1 greenday.kz/wp-includes/js/wp-embed.min.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (1398), with no line terminators
Hash 7542039ce963ffd18ad4fb7be13bd2be
8385e433e8e65739fc27b6bd16b1a7ae71b11084
a70bca1336a4ac7592ce631cbb22c9ebb01d60461d221ac7a46f91a4ccfd1255
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 20:44:10 GMT
ETag: "576-574e97c969a80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 751
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
37.151.94.26200 OK 2.6 kB URL HTTP/1.1 greenday.kz/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (6306)
Hash 820683f34f24b91904907c620a2fb928
b35cc2bff48a376281feaf0c8c259b45f32e286c
d2e02cbefd97ff4e104c66ed951bf999b9d6166723cbdb112940605eb0a73de8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 20:44:08 GMT
ETag: "197f-574e97c781600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2562
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.4.1
37.151.94.26200 OK 3.3 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.4.1
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (10038)
Hash b784eea8211505370ca34acc37910a5b
df1a4acd74815aa539107e6f2abe67c46d6b7d89
e246da4b640dfb498512db6156f2bbb0271b5e65196340d13a982b44bad305d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.4.1 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:12 GMT
ETag: "27bf-57b0b67547c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3340
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
37.151.94.26200 OK 3.0 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:10 GMT
ETag: "2fa6-57b0b6735f780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2993
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.3.2
37.151.94.26200 OK 11 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.3.2
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (36933)
Hash f171bb56c97f7a51dcc576045cd7378d
21eac8fed84abddda0603f1d9a5813c6eeaacfb1
486e0b1e5a059b0182c71ba9627363a4890c90747020716929369016271f5c4e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=2.3.2 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:12 GMT
ETag: "906c-57b0b67547c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10695
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
37.151.94.26200 OK 4.4 kB URL HTTP/1.1 greenday.kz/wp-includes/js/wp-emoji-release.min.js?ver=4.9.8
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (9118)
Hash fe05400b94a75668a17a99986b4658c3
3b1592b054709be35f5a809244e1117dcb02633e
aad5379b020a7c8e338871e1dd0090f6dde8662a1f2053cce95c0fcbcf412116
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.8 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sun, 02 Sep 2018 21:09:06 GMT
ETag: "2efa-574e9d5c1c080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4382
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/uploads/header/map1.svg
37.151.94.26200 OK 75 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/map1.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (47864)
Hash 6fb443bec7c65510a6b05cd8b3bab483
f3128f36b48223bbd034361cc4b3d8f0557b7f1d
49458c580e4ccc756dd5b40a8ef26002a973cc789126394dd1ace089d9a505da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/header/map1.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 20 Dec 2018 19:33:18 GMT
ETag: "125de-57d7933da1b80"
Accept-Ranges: bytes
Content-Length: 75230
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.8.0
37.151.94.26200 OK 1.1 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.8.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (6758), with no line terminators
Hash bac3c679da4930209be92b338cb74b7f
1a18633b3aecdcb7146475a1f6a90c58058f9e9b
b5b63cee0120e4cf9a183bab0905af9d4fa8712d4afef4d0b7d7c0f914ae26b3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=3.8.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 14 Nov 2019 00:37:16 GMT
ETag: "1a66-59743aedee700-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1055
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: text/css
greenday.kz/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3
37.151.94.26200 OK 31 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type ASCII text, with very long lines (65275)
Hash 6141bbe09a95c1b70d5c016960ce93f7
ec31391a5488e31aaa93687c27d12bdb414ec44c
1461cd7c9e2e97443dedc9321355bf3394c34bfda82443d4a0426e14afd871bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.jquery.min.js?ver=4.4.3 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:10 GMT
ETag: "1df47-57b0b6735f780-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 31322
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
greenday.kz/wp-content/uploads/header/insta1_32.svg
37.151.94.26200 OK 144 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/insta1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size 144 kB (143559 bytes)
Hash 04b9bedb32a4744287a632806f828055
e783efb226bfae4937a20344d3d461cf0e9f514f
93f1eada73b76c1654e82eb54ec00c7e1f6441bb3ead6d4907ca40ca677c909e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/header/insta1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 20 Dec 2018 19:33:18 GMT
ETag: "230c7-57d7933da1b80"
Accept-Ranges: bytes
Content-Length: 143559
Keep-Alive: timeout=5, max=83
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/uploads/header/facebook1_32.svg
37.151.94.26200 OK 19 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/facebook1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 062270168be9b3cf6055222c9781abb4
feefc51fbc863b9ac01f9815e3a669e60d99f178
dad20c5785de68c8557999da29dc75effa370a2a511e6a311cace7d60fb6c9b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/header/facebook1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 20 Dec 2018 19:33:18 GMT
ETag: "4a4a-57d7933da1b80"
Accept-Ranges: bytes
Content-Length: 19018
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
37.151.94.26200 OK 77 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://greenday.kz/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 19 Nov 2018 21:43:10 GMT
ETag: "12d68-57b0b6735f780"
Accept-Ranges: bytes
Content-Length: 77160
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
greenday.kz/wp-content/uploads/header/gazon4096x120.svg
37.151.94.26200 OK 185 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/gazon4096x120.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65403)
Size 185 kB (185425 bytes)
Hash b7f99e48194156187610a1d130be11fc
15693d17af0ad32eb44e8e08b904e1f04e0b7007
02616d46a12f010b9894213a4e0da3f5cb06b534cacaeee7b21cf7d5224a45a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/header/gazon4096x120.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes/idyllic/style.css?ver=4.9.8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 17 Dec 2019 23:23:58 GMT
ETag: "2d451-599ee9f557f80"
Accept-Ranges: bytes
Content-Length: 185425
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/uploads/header/logo+gd.png
37.151.94.26200 OK 160 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/logo+gd.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 868 x 443, 8-bit/color RGBA, non-interlaced\012- data
Size 160 kB (159965 bytes)
Hash 6352387ab816f39d268ee8428f44ccb0
02972c0f2a530c56e152456ff3af510ef03c119d
abd03969805f5808f3b47ff8f0626df53a8e097e4f65bb7d651e51afe0455923
GET /wp-content/uploads/header/logo+gd.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 23 Apr 2019 22:48:48 GMT
ETag: "270dd-5873a63563400"
Accept-Ranges: bytes
Content-Length: 159965
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/header/phone1.svg
37.151.94.26200 OK 17 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/header/phone1.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (15284)
Hash cc48636423a0caa4976bc05ed3180a00
66d77ea1ac610fa0f51e23d74ce592b016a159c3
d4cc623403a20b675af4ade474eaa3a6849f8c1eceac86ce857f600e320b8d28
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/header/phone1.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 20 Dec 2018 19:33:18 GMT
ETag: "43d6-57d7933da1b80"
Accept-Ranges: bytes
Content-Length: 17366
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/hover/img/irrigation.png
37.151.94.26200 OK 293 kB URL HTTP/1.1 greenday.kz/hover/img/irrigation.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 500 x 313, 8-bit/color RGB, non-interlaced\012- data
Size 293 kB (293359 bytes)
Hash 17a83a7ff373d68b10f85def23041597
f450372e72b5b2b9d1417bd798ea1712bb3d4590
006ef2b4b8d4efa3dad8a5a727e7bb4165c4bf49f74173b271e3bc4032d834e0
GET /hover/img/irrigation.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 12 Jun 2020 04:03:36 GMT
ETag: "479ef-5a7db294ad600"
Accept-Ranges: bytes
Content-Length: 293359
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/hover/img/lawn.png
37.151.94.26200 OK 306 kB URL HTTP/1.1 greenday.kz/hover/img/lawn.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 500 x 334, 8-bit/color RGB, non-interlaced\012- data
Size 306 kB (306038 bytes)
Hash 45d2a9d48ad3f49d96cbca12738c4b41
05a2bce01709881a565981b8837203b484327346
91e2a60e68b5b889f1b05cf9190539170f03592b6f7496590e201be6a32e36b3
GET /hover/img/lawn.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 12 Jun 2020 04:03:36 GMT
ETag: "4ab76-5a7db294ad600"
Accept-Ranges: bytes
Content-Length: 306038
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/hover/img/design.png
37.151.94.26200 OK 307 kB URL HTTP/1.1 greenday.kz/hover/img/design.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 500 x 313, 8-bit/color RGB, non-interlaced\012- data
Size 307 kB (306745 bytes)
Hash bc584557c1cb8d2e6414866c74c8d2fb
4b3187cb8d6837009a8ff842e6e5945a622af80a
cd330cc88594b8114860f0d72815679dc7572cc39eb908c87f3073472c9a0f7b
GET /hover/img/design.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 12 Jun 2020 04:03:36 GMT
ETag: "4ae39-5a7db294ad600"
Accept-Ranges: bytes
Content-Length: 306745
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/2018/11/insta1_32.svg
37.151.94.26200 OK 144 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/11/insta1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size 144 kB (143559 bytes)
Hash 04b9bedb32a4744287a632806f828055
e783efb226bfae4937a20344d3d461cf0e9f514f
93f1eada73b76c1654e82eb54ec00c7e1f6441bb3ead6d4907ca40ca677c909e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/11/insta1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 09 Nov 2018 02:51:42 GMT
ETag: "230c7-57a326e5b8b80"
Accept-Ranges: bytes
Content-Length: 143559
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/?wc-ajax=get_refreshed_fragments
37.151.94.26200 OK 298 B URL HTTP/1.1 greenday.kz/?wc-ajax=get_refreshed_fragments
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type JSON data\012- , ASCII text, with no line terminators
Hash cea31afcc0e9b6eec7f3c58b2dd04104
384bea8a9d78fc6df1ea85e4297a0cb1e601151b
5d91d752b53806449cfbb9349a531ca7401db890825d14c7da505b98901d8e89
Analyzer Verdict Alert fortinet Malware
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Access-Control-Allow-Origin: https://greenday.kz
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
X-Robots-Tag: noindex
Content-Length: 298
Keep-Alive: timeout=5, max=82
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
greenday.kz/wp-content/uploads/2018/11/facebook1_32.svg
37.151.94.26200 OK 19 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/11/facebook1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 062270168be9b3cf6055222c9781abb4
feefc51fbc863b9ac01f9815e3a669e60d99f178
dad20c5785de68c8557999da29dc75effa370a2a511e6a311cace7d60fb6c9b1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/11/facebook1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 09 Nov 2018 02:51:30 GMT
ETag: "4a4a-57a326da47080"
Accept-Ranges: bytes
Content-Length: 19018
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/uploads/2018/11/wa1_32.svg
37.151.94.26200 OK 197 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/11/wa1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size 197 kB (197303 bytes)
Hash 70f2296202bc10d54e393809fb6aca92
d1e896742358a9f99851fdb2601489bafc9c3993
a0bda3f56b5a1bf57876d4e7dbca3d06ff85987447af68e027da87461d455b78
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/11/wa1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 09 Nov 2018 02:51:52 GMT
ETag: "302b7-57a326ef42200"
Accept-Ranges: bytes
Content-Length: 197303
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/wp-content/uploads/2018/11/google-play-1.svg
37.151.94.26200 OK 8.0 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/11/google-play-1.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (8001), with no line terminators
Hash 5f2741633642f8fcc883816f2f915dda
77cc58ade7b8c3b4207dd14fdc775fd348bc76b0
be0a79ff5e4a8d90ff484f4385e12709e603d1918027fbc563f53fabaa941484
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/11/google-play-1.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 08 Nov 2018 21:51:00 GMT
ETag: "1f41-57a2e3af87900"
Accept-Ranges: bytes
Content-Length: 8001
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/svg+xml
greenday.kz/hover/img/tree.png
37.151.94.26200 OK 204 kB URL HTTP/1.1 greenday.kz/hover/img/tree.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 500 x 313, 8-bit/color RGB, non-interlaced\012- data
Size 204 kB (203874 bytes)
Hash e0292198a5223555c641b3600bac9ffa
fd00ab086be5ec35b3348d67919522f1e844c99c
6ff13d0bf5641749c3bd3ef99fd78ac27d32c410bba21ee48029ac53940aa36f
GET /hover/img/tree.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 12 Jun 2020 04:03:36 GMT
ETag: "31c62-5a7db294ad600"
Accept-Ranges: bytes
Content-Length: 203874
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/2018/10/menumob-150x150.png
37.151.94.26200 OK 1.7 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/10/menumob-150x150.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 462792a7249ff81810b62ad50fa8412c
1edd1fa51c1ea756df2ae0419b1f38ab62b685c0
21bf797ff9a0e2e848dde122f36479ccfbe67c8a1f35b0ea59cd5af135ce6f10
GET /wp-content/uploads/2018/10/menumob-150x150.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 31 Oct 2018 02:35:02 GMT
ETag: "6a8-5797d262e6180"
Accept-Ranges: bytes
Content-Length: 1704
Keep-Alive: timeout=5, max=81
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/2019/06/logogd-white.png
37.151.94.26200 OK 83 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2019/06/logogd-white.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 868 x 443, 8-bit gray+alpha, non-interlaced\012- data
Hash e5fdb26a4cb8ddd7a61f6bf3574ca62b
3cab40b4e5325519910e5ea889e65f060074c40a
635261f24c1ae6f875525b461414c882145105f60c10cb4060b3248e4407bec9
GET /wp-content/uploads/2019/06/logogd-white.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 19 Jun 2019 22:34:22 GMT
ETag: "1442e-58bb4d4ac7780"
Accept-Ranges: bytes
Content-Length: 82990
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/2018/10/phonecall-150x150.png
37.151.94.26200 OK 5.6 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/10/phonecall-150x150.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash d623119397111ff32653b6e27c0ae416
56d80dd3245b9bb38ceb8fa54eba8fba874dd874
d308380726151fc9f4c5443a8977bf9cc0a06e66e57d66ae409dc02af6af39bf
GET /wp-content/uploads/2018/10/phonecall-150x150.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 31 Oct 2018 02:19:48 GMT
ETag: "15ee-5797cefb3d900"
Accept-Ranges: bytes
Content-Length: 5614
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/plugins/wpfront-scroll-top/images/icons/114.png
37.151.94.26200 OK 7.5 kB URL HTTP/1.1 greenday.kz/wp-content/plugins/wpfront-scroll-top/images/icons/114.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash b648189263062a194abf88411a75dbd2
d3c80112d0c9fdfae322b46fe6c56ccb77936728
afaf0058b479872185e113a58df42b409bfdd14ac7df14fb721af52672c3e399
GET /wp-content/plugins/wpfront-scroll-top/images/icons/114.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Thu, 20 Jun 2019 01:01:18 GMT
ETag: "1d2f-58bb6e225f380"
Accept-Ranges: bytes
Content-Length: 7471
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 03 Oct 2022 16:34:43 GMT
expires: Mon, 03 Oct 2022 18:34:43 GMT
cache-control: public, max-age=7200
age: 5977
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 2c050f5071f69bb905d10686d7a3c697
127c4087edb95c9ce060af84609fcb1e0ef87c7a
45383fd1b1c72ce18b9e83f34404c913b4d31cd7b28062d10510576d3848f738
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:14:20 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 07 Oct 2022 16:06:30 GMT
ETag: "127c4087edb95c9ce060af84609fcb1e0ef87c7a"
Last-Modified: Mon, 03 Oct 2022 16:06:31 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1332
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7547a82aaa480b49-OSL
www.google-analytics.com/j/collect?v=1&_v=j97&a=946551058&t=pageview&_s=1&dl=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&ul=en-us&de=UTF-8&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1660573074&gjid=951658705&cid=1700088208.1664820860&tid=UA-139245942-1&_gid=496132087.1664820860&_r=1>m=2ou9s0&z=1535623553
216.239.32.178200 OK 2 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=946551058&t=pageview&_s=1&dl=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&ul=en-us&de=UTF-8&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1660573074&gjid=951658705&cid=1700088208.1664820860&tid=UA-139245942-1&_gid=496132087.1664820860&_r=1>m=2ou9s0&z=1535623553
IP 216.239.32.178:0
File type ASCII text, with no line terminators
Hash cc7a1e792bca8ccb1946b7a07f6dbc03
11a2757082428311f587b7664fa9840376137f80
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
POST /j/collect?v=1&_v=j97&a=946551058&t=pageview&_s=1&dl=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&ul=en-us&de=UTF-8&dt=%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1660573074&gjid=951658705&cid=1700088208.1664820860&tid=UA-139245942-1&_gid=496132087.1664820860&_r=1>m=2ou9s0&z=1535623553 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://greenday.kz
date: Mon, 03 Oct 2022 18:14:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
greenday.kz/wp-content/uploads/2018/10/cropped-logo-192x192.png
37.151.94.26200 OK 31 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/10/cropped-logo-192x192.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3fec2dd89bae9efb84f0176682cba879
0a68289cbde07e2071b5ace62164669561b76edd
459db53d42e121f9812cc37afe9232a1f0a9881b15eeefacd9ece88307a6980d
GET /wp-content/uploads/2018/10/cropped-logo-192x192.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 26 Apr 2019 00:26:48 GMT
ETag: "7a70-58763fd7ea200"
Accept-Ranges: bytes
Content-Length: 31344
Keep-Alive: timeout=5, max=84
Connection: Keep-Alive
Content-Type: image/png
greenday.kz/wp-content/uploads/2018/10/cropped-logo-32x32.png
37.151.94.26200 OK 1.9 kB URL HTTP/1.1 greenday.kz/wp-content/uploads/2018/10/cropped-logo-32x32.png
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d66309e7f59c1736dea64c1b25db4ad1
0e481c3b36e8f2d696fa88270a939ebf7fd631ef
97cb5346505a65f1ba9df50425f9c93d1ad3240694baf77c8361efdbadc983c4
GET /wp-content/uploads/2018/10/cropped-logo-32x32.png HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Mon, 03 Oct 2022 18:13:41 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 26 Apr 2019 00:26:48 GMT
ETag: "782-58763fd7ea200"
Accept-Ranges: bytes
Content-Length: 1922
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53e0e5a2455fedae0d6308f91d41e445
237c2856f8a89ae3673ea909164557d65268c463
ddba9b3842f879168185b6607551069b312c44de4ec015ca4b43ad154d190bc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Mon, 03 Oct 2022 18:14:20 GMT
access-control-allow-origin: *
etag: "633583ac-11a95"
expires: Mon, 03 Oct 2022 19:14:20 GMT
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-139245942-1&cid=1700088208.1664820860&jid=1660573074&gjid=951658705&_gid=496132087.1664820860&_u=YEBAAUAAAAAAAC~&z=406182609
74.125.131.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-139245942-1&cid=1700088208.1664820860&jid=1660573074&gjid=951658705&_gid=496132087.1664820860&_u=YEBAAUAAAAAAAC~&z=406182609
IP 74.125.131.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-139245942-1&cid=1700088208.1664820860&jid=1660573074&gjid=951658705&_gid=496132087.1664820860&_u=YEBAAUAAAAAAAC~&z=406182609 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://greenday.kz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 03 Oct 2022 18:14:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 03 Oct 2022 18:14:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 03 Oct 2022 18:14:20 GMT
access-control-allow-origin: *
etag: "633583ac-2b"
expires: Mon, 03 Oct 2022 19:14:20 GMT
accept-ranges: bytes
last-modified: Thu, 29 Sep 2022 14:38:20 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/53476513?wmode=7&page-url=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3311%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1062959027534%3Ahid%3A607953788%3Az%3A0%3Ai%3A20221003181420%3Aet%3A1664820861%3Ac%3A1%3Arn%3A595319304%3Arqn%3A1%3Au%3A1664820861410261557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C344%2C973%2C0%2C358%2C0%2C%2C2188%2C45%2C%2C%2C%2C3869%3Ans%3A1664820855634%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664820861%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 426 B URL HTTP/2 mc.yandex.ru/watch/53476513?wmode=7&page-url=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3311%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1062959027534%3Ahid%3A607953788%3Az%3A0%3Ai%3A20221003181420%3Aet%3A1664820861%3Ac%3A1%3Arn%3A595319304%3Arqn%3A1%3Au%3A1664820861410261557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C344%2C973%2C0%2C358%2C0%2C%2C2188%2C45%2C%2C%2C%2C3869%3Ans%3A1664820855634%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664820861%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (426), with no line terminators
Hash fb501182d9a4baf5a72cbded5cfbac21
1895bfa2d4a8a70b189bb5cea6e7d03d850065df
07ec6f78dff0903e3cd35bf1a6def78f43f14c3679a71be7a14553e6a2d2f679
GET /watch/53476513?wmode=7&page-url=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3311%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1062959027534%3Ahid%3A607953788%3Az%3A0%3Ai%3A20221003181420%3Aet%3A1664820861%3Ac%3A1%3Arn%3A595319304%3Arqn%3A1%3Au%3A1664820861410261557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C344%2C973%2C0%2C358%2C0%2C%2C2188%2C45%2C%2C%2C%2C3869%3Ans%3A1664820855634%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664820861%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://greenday.kz
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/53476513/1?wmode=7&page-url=https%3A%2F%2Fgreenday.kz%2Fwp-content%2Fthemes_05092022.zip&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A3311%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1062959027534%3Ahid%3A607953788%3Az%3A0%3Ai%3A20221003181420%3Aet%3A1664820861%3Ac%3A1%3Arn%3A595319304%3Arqn%3A1%3Au%3A1664820861410261557%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C344%2C973%2C0%2C358%2C0%2C%2C2188%2C45%2C%2C%2C%2C3869%3Ans%3A1664820855634%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664820861%3At%3A%D0%A1%D1%82%D1%80%D0%B0%D0%BD%D0%B8%D1%86%D0%B0%20%D0%BD%D0%B5%20%D0%BD%D0%B0%D0%B9%D0%B4%D0%B5%D0%BD%D0%B0%20-%20%D0%9A%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20Greenday%20%E2%80%94%20%D0%9B%D0%B0%D0%BD%D0%B4%D1%88%D0%B0%D1%84%D1%82%D0%BD%D1%8B%D0%B9%20%D0%B4%D0%B8%D0%B7%D0%B0%D0%B9%D0%BD%20%D0%B8%20%D0%BE%D0%B7%D0%B5%D0%BB%D0%B5%D0%BD%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B2%20%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B5%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D1%8B%20%D0%B8%20%D0%90%D0%BB%D0%BC%D0%B0%D1%82%D0%B8%D0%BD%D1%81%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B1%D0%BB%D0%B0%D1%81%D1%82%D0%B8&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 03 Oct 2022 18:14:20 GMT
access-control-allow-origin: https://greenday.kz
set-cookie: yandexuid=9831712011664820860; Expires=Tue, 03-Oct-2023 18:14:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=9831712011664820860; Expires=Tue, 03-Oct-2023 18:14:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=863818041664820860; Path=/; SameSite=None; Secure
i=ZyktpTTIomfueaI0TRabQsyyi82JPYq6/y4WeTWsCqay6CqdF8uRqNonVlYhORDqXy1cJAJaj23DYrTwyYDqLpFU2jo=; Expires=Thu, 30-Sep-2032 18:14:20 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696356860.yrts.1664820860#1696356860.yrtsi.1664820860; Expires=Tue, 03-Oct-2023 18:14:20 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 03-Oct-2022 18:14:20 GMT
last-modified: Mon, 03-Oct-2022 18:14:20 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
static.sletat.ru/images/sletat.ru/desktop-layout/fb.svg
31.131.248.51200 OK 0 B URL HTTP/2 static.sletat.ru/images/sletat.ru/desktop-layout/fb.svg
IP 31.131.248.51:0
ASN #49505 OOO Network of data-centers Selectel
GET /images/sletat.ru/desktop-layout/fb.svg HTTP/1.1
Host: static.sletat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Sep 2018 09:26:42 GMT
etag: W/"5b9638d2-15a"
expires: Mon, 10 Oct 2022 18:14:19 GMT
pragma: public
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
static.sletat.ru/images/sletat.ru/desktop-layout/twitter.svg
31.131.248.51200 OK 0 B URL HTTP/2 static.sletat.ru/images/sletat.ru/desktop-layout/twitter.svg
IP 31.131.248.51:0
ASN #49505 OOO Network of data-centers Selectel
GET /images/sletat.ru/desktop-layout/twitter.svg HTTP/1.1
Host: static.sletat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Sep 2018 09:26:42 GMT
etag: W/"5b9638d2-231"
expires: Mon, 10 Oct 2022 18:14:19 GMT
pragma: public
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
static.sletat.ru/images/sletat.ru/desktop-layout/vk.svg
31.131.248.51 200 OK 0 B URL HTTP/2 static.sletat.ru/images/sletat.ru/desktop-layout/vk.svg
IP 31.131.248.51:0
ASN #49505 OOO Network of data-centers Selectel
GET /images/sletat.ru/desktop-layout/vk.svg HTTP/1.1
Host: static.sletat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Sep 2018 09:26:42 GMT
etag: W/"5b9638d2-263"
expires: Mon, 10 Oct 2022 18:14:19 GMT
pragma: public
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP 142.250.74.10:0
GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 03 Oct 2022 18:14:18 GMT
date: Mon, 03 Oct 2022 18:14:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.sletat.ru/images/sletat.ru/desktop-layout/instagram.svg
31.131.248.51 200 OK 0 B URL HTTP/2 static.sletat.ru/images/sletat.ru/desktop-layout/instagram.svg
IP 31.131.248.51:0
ASN #49505 OOO Network of data-centers Selectel
GET /images/sletat.ru/desktop-layout/instagram.svg HTTP/1.1
Host: static.sletat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Sep 2018 09:26:42 GMT
etag: W/"5b9638d2-530"
expires: Mon, 10 Oct 2022 18:14:19 GMT
pragma: public
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
static.sletat.ru/images/sletat.ru/desktop-layout/ok.svg
31.131.248.51 200 OK 0 B URL HTTP/2 static.sletat.ru/images/sletat.ru/desktop-layout/ok.svg
IP 31.131.248.51:0
ASN #49505 OOO Network of data-centers Selectel
GET /images/sletat.ru/desktop-layout/ok.svg HTTP/1.1
Host: static.sletat.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 03 Oct 2022 18:14:19 GMT
content-type: image/svg+xml
last-modified: Mon, 10 Sep 2018 09:26:42 GMT
etag: W/"5b9638d2-2b2"
expires: Mon, 10 Oct 2022 18:14:19 GMT
pragma: public
cache-control: max-age=604800, public, must-revalidate, proxy-revalidate
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-encoding: br
X-Firefox-Spdy: h2
greenday.kz/wp-content/wp-content/uploads/header/wa1_32.svg
37.151.94.26 404 Not Found 0 B URL HTTP/1.1 greenday.kz/wp-content/wp-content/uploads/header/wa1_32.svg
IP 37.151.94.26:0
ASN #9198 JSC Kazakhtelecom
Analyzer Verdict Alert fortinet Malware
GET /wp-content/wp-content/uploads/header/wa1_32.svg HTTP/1.1
Host: greenday.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://greenday.kz/wp-content/themes_05092022.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Mon, 03 Oct 2022 18:13:40 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.29
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, no-store, must-revalidate
Link: <https://greenday.kz/wp-json/>; rel="https://api.w.org/"
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8