manager.principlerec.com/
51.79.11.195301 Moved Permanently 162 B URL HTTP/1.1 manager.principlerec.com/
IP 51.79.11.195:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Sep 2022 19:01:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://manager.principlerec.com/
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5461
Expires: Fri, 09 Sep 2022 20:32:53 GMT
Date: Fri, 09 Sep 2022 19:01:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 18:05:55 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: OgGBVb3AOEEFF5VPgM1NBWd3q887FnR2_N1z8aZPTFMBMg67HWz-sA==
Age: 3357
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1zhFMHMQ0I1o3HaRGj1sjCK1ssnfSv0HznztXhNxZPd1rLPQCjOhdQ==
age: 54918
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 18:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 19:45:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tJpeHVW_LPzkaBH5Q4EI8UDtX5A3g-JnrLXWV_p4-evsWQDNOq5Q3g==
Age: 346
manager.principlerec.com/
51.79.11.195302 Found 0 B URL HTTP/2 manager.principlerec.com/
IP 51.79.11.195:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/html; charset=utf-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; expires=Fri, 09-Sep-2022 20:02:53 GMT; Max-Age=3660; path=/; HttpOnly
sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u; expires=Sat, 10-Sep-2022 03:01:53 GMT; Max-Age=28800; path=/; HttpOnly
location: https://manager.principlerec.com/authentication/login
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 19:01:53 GMT
Last-Modified: Fri, 09 Sep 2022 17:32:46 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
manager.principlerec.com/authentication/login
51.79.11.195200 OK 5.7 kB URL HTTP/2 manager.principlerec.com/authentication/login
IP 51.79.11.195:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (694), with CRLF, LF line terminators
Hash 266f706d3a603996ddf1978b67b54ba9
9f939f05c2228ebc2c0ea933828aea41bbcc86a7
46dfb68202e98fe6d74d4eb190be471be6956e6dc590df9adb991619c6de63e4
Analyzer Verdict Alert fortinet Malware
GET /authentication/login HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/html; charset=utf-8
content-length: 5667
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; expires=Fri, 09-Sep-2022 20:02:53 GMT; Max-Age=3660; path=/; HttpOnly
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/7.4.30, PleskLin
X-Firefox-Spdy: h2
manager.principlerec.com/assets/css/reset.min.css?v=2.9.3
51.79.11.195200 OK 514 B URL HTTP/2 manager.principlerec.com/assets/css/reset.min.css?v=2.9.3
IP 51.79.11.195:0
File type ASCII text, with very long lines (971), with no line terminators
Hash 71d0474794c4d99e89bc360c28340869
7d4c049a698d44dd686d0e4e93421e10fad3e6dc
0003da1c9ba6f1805b8f14780c117fbdf006c59c853271cc9d9a1842d91e9f31
Analyzer Verdict Alert fortinet Malware
GET /assets/css/reset.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
content-length: 514
x-accel-version: 0.01
last-modified: Sun, 23 Jan 2022 12:13:04 GMT
etag: "3cb-5d63ec6223400-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.149.101.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eqHB71d8OSow13uyDmxXaQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1v9nNYHh8hS3v7X97zwv3yZbyB4=
manager.principlerec.com/assets/plugins/roboto/roboto.css?v=2.9.3
51.79.11.195200 OK 263 B URL HTTP/2 manager.principlerec.com/assets/plugins/roboto/roboto.css?v=2.9.3
IP 51.79.11.195:0
Hash 04879b4eb221ad7eb1a2a173375d8ad5
555e74d1ea628bcbc63b6324c76a7c7ad706896b
14d4fff1afe0ab8a656924ee94a1f8055d97f11a6ca0033c2a222508528664ca
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/roboto/roboto.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
content-length: 263
x-accel-version: 0.01
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "3de-5d63ec7ebf780-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
manager.principlerec.com/modules/si_custom_theme/assets/css/si_custom_theme_style_client.css
51.79.11.195200 OK 256 B URL HTTP/2 manager.principlerec.com/modules/si_custom_theme/assets/css/si_custom_theme_style_client.css
IP 51.79.11.195:0
File type ASCII text, with CRLF line terminators
Hash e78f90ceceaa16dfa97cfdab875d794a
437ed9709be6ff867be15219145d6afb92605ec0
2a1d866091103a74889174e59bf130eb5df5ec9c8b97ce3497e291b17b71ae07
GET /modules/si_custom_theme/assets/css/si_custom_theme_style_client.css HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
content-length: 256
x-accel-version: 0.01
last-modified: Thu, 03 Feb 2022 05:03:43 GMT
etag: "1ed-5d7160eed9239-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
manager.principlerec.com/uploads/company/3d2f366f5c179c305aa1858670181546.png
51.79.11.195200 OK 2.8 kB URL HTTP/2 manager.principlerec.com/uploads/company/3d2f366f5c179c305aa1858670181546.png
IP 51.79.11.195:0
File type PNG image data, 300 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c25b4d0f9147abe0da70594276cfb72
239252dda90ee8ec10a0f487c264ea86e993d93c
2722b35637f92ef89b74218bde04c1435453fe28b16fa3e018ed24a2ddf62e7a
GET /uploads/company/3d2f366f5c179c305aa1858670181546.png HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: image/png
content-length: 2834
last-modified: Thu, 03 Feb 2022 04:57:51 GMT
etag: "61fb60cf-b12"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/roboto/fonts/Regular/Roboto-Regular.woff2?v=1.1.0
51.79.11.195200 OK 63 kB URL HTTP/2 manager.principlerec.com/assets/plugins/roboto/fonts/Regular/Roboto-Regular.woff2?v=1.1.0
IP 51.79.11.195:0
File type Web Open Font Format (Version 2), TrueType, length 63412, version 2.0\012- data
Hash bde1ca6a5d7cefc8108c75fdaad29ed6
1e042848a06b43a9369952c636bca41f95cfc316
cc7b26ac53700f78f8a452be6d14f14943e88dceb14edf64cddceba6e66f3f5e
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/roboto/fonts/Regular/Roboto-Regular.woff2?v=1.1.0 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://manager.principlerec.com/assets/plugins/roboto/roboto.css?v=2.9.3
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: font/woff2
content-length: 63412
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "61ed466e-f7b4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/uploads/company/favicon.png
51.79.11.195200 OK 1.9 kB URL HTTP/2 manager.principlerec.com/uploads/company/favicon.png
IP 51.79.11.195:0
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash c2207f41b6eeaceb6644e620e9fc1c72
118ad2f09337d01c630da2edc441861ac91eb3d0
800440321c485ba430c39e9717b8e2d6bba62c636c34dbc6b1433e0195fe443f
GET /uploads/company/favicon.png HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: image/png
content-length: 1866
last-modified: Thu, 03 Feb 2022 04:57:51 GMT
etag: "61fb60cf-74a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/images/prev.png
51.79.11.195200 OK 1.4 kB URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/images/prev.png
IP 51.79.11.195:0
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 84b76dee6b27b795e89e3649078a11c2
6640a3432f7ba7aea6129cdf7a5d3eabd47c295c
7fd9273f20fdb1229c224341271a119020a5eee74ccf6b4605730917c864caf2
GET /assets/plugins/lightbox/images/prev.png HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: image/png
content-length: 1360
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "61ed466e-550"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/images/next.png
51.79.11.195200 OK 1.4 kB URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/images/next.png
IP 51.79.11.195:0
File type PNG image data, 50 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash 31f15875975aab69085470aabbfec802
777e92c050f600b4519299c3d786b8f2f459fea4
15b869b02c6fbaa8c6c26445a2dd2d9bad80fd27b1409f8179e5dd89dc89d90a
GET /assets/plugins/lightbox/images/next.png HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: image/png
content-length: 1350
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "61ed466e-546"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/images/loading.gif
51.79.11.195200 OK 8.5 kB URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/images/loading.gif
IP 51.79.11.195:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 2299ad0b3f63413f026dfec20c205b8f
cf720b50cf8dde0e1a84ce1c6a77788bfc5882d5
225aa88b6ab02c06222ec9468d62e15fa188e39cdb9431d1f55401ad380753ed
GET /assets/plugins/lightbox/images/loading.gif HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: image/gif
content-length: 8476
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "61ed466e-211c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/js/lightbox.min.js?v=2.9.3
51.79.11.195200 OK 66 kB URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/js/lightbox.min.js?v=2.9.3
IP 51.79.11.195:0
File type ASCII text, with very long lines (9089)
Hash d7836aff45cb44b129422ea3f66206b7
6cde4269a8a1c0d4a3341b37936b9c374b925c04
73f07a74945a2f8722b0f57d92a22db06b13dc88182e0bbd707cc2bf33e3dc9a
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/lightbox/js/lightbox.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: W/"61ed466e-249c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/images/close.png
51.79.11.195200 OK 280 B URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/images/close.png
IP 51.79.11.195:0
File type PNG image data, 27 x 27, 8-bit colormap, non-interlaced\012- data
Hash d9d2d0b1308cb694aa8116915592e2a9
3ca48361cfe0e41163023d03c26296f375bb3eac
5d62e6c90005bfb71f6abb440f9e4753681cb23bbd5e60477ab6f442d2f0e69c
GET /assets/plugins/lightbox/images/close.png HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:54 GMT
content-type: image/png
content-length: 280
x-accel-version: 0.01
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: "118-5d63ec7ebf780"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Fri, 09 Sep 2022 20:22:57 GMT
Date: Fri, 09 Sep 2022 19:01:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Fri, 09 Sep 2022 20:22:57 GMT
Date: Fri, 09 Sep 2022 19:01:54 GMT
Connection: keep-alive
manager.principlerec.com/assets/plugins/datetimepicker/jquery.datetimepicker.min.css?v=2.9.3
51.79.11.195200 OK 4.7 kB URL HTTP/2 manager.principlerec.com/assets/plugins/datetimepicker/jquery.datetimepicker.min.css?v=2.9.3
IP 51.79.11.195:0
File type ASCII text, with very long lines (16502)
Hash ee2c294d002cda77ee2ad5e4305499c2
d0a69464a43ea78b8858572d60708bbae1e895d4
aea216cf3801b6974ee22b9fa5e6b5a72a1eebc6638cab6b6a8b9d16f860b0b1
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/datetimepicker/jquery.datetimepicker.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:12 GMT
etag: W/"61ed4658-4077"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4863
Expires: Fri, 09 Sep 2022 20:22:57 GMT
Date: Fri, 09 Sep 2022 19:01:54 GMT
Connection: keep-alive
manager.principlerec.com/assets/themes/perfex/css/style.min.css?v=2.9.3
51.79.11.195200 OK 8.7 kB URL HTTP/2 manager.principlerec.com/assets/themes/perfex/css/style.min.css?v=2.9.3
IP 51.79.11.195:0
File type ASCII text, with very long lines (39843), with no line terminators
Hash f9310e7589034851eb6787e6c6394c27
f7afd60288deeb2e524495eaefc7224cbce61f4a
dcd95a548e557eb0946b266c364d60915611ddbb3aaff9fb41f4ed8160723fe7
Analyzer Verdict Alert fortinet Malware
GET /assets/themes/perfex/css/style.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:48 GMT
etag: W/"61ed467c-9ba3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:20 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 52174
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zdVUahmbPQ7sQMlg14M89JOwjN2PEM03GNLYEwxPjcaioRpyqb8isA==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:26:32 GMT
age: 74122
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: eaf81b32-3b53-4e89-a9d0-943bc9f9982f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X0j0QFhxoAMF-Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6311b34e-114287d30092033a2b54ec01;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 07:39:58 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: _mlXN3nJ7ZPcUDWIqqiv2CB6dkSJ2Y-AZIXNs4xOj18ZX6DYMdhXAA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:46:19 GMT
age: 76535
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/bootstrap/css/bootstrap.min.css?v=2.9.3
51.79.11.195200 OK 27 kB URL HTTP/2 manager.principlerec.com/assets/plugins/bootstrap/css/bootstrap.min.css?v=2.9.3
IP 51.79.11.195:0
File type ASCII text, with very long lines (65369)
Hash 16fbf80ea4f89714b4cead6f4897ccad
cf764b09c4d2f2a596c8510e64025bfcdf8dc929
ec8d036ca43c878edcefcc0b51ad0de9997b76e9d41b0e9214aaf68add4b80a6
GET /assets/plugins/bootstrap/css/bootstrap.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:06 GMT
etag: W/"61ed4652-1da71"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 21:45:36 GMT
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
age: 76578
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/datatables/datatables.min.css?v=2.9.3
51.79.11.195200 OK 5.7 kB URL HTTP/2 manager.principlerec.com/assets/plugins/datatables/datatables.min.css?v=2.9.3
IP 51.79.11.195:0
File type Unicode text, UTF-8 text, with very long lines (4327)
Hash a7dd36576e04596fcf20a3520bb8d33c
a8c314e11e45386d51a9b373efe83848a6d8d3e5
f137ecf20d709c9ae0ccfa164c2599fad280f2595c7928f908bcd90d1a48b382
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/datatables/datatables.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:12 GMT
etag: W/"61ed4658-2000"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/Chart.js/Chart.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/Chart.js/Chart.min.js?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/Chart.js/Chart.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:10 GMT
etag: W/"61ed4656-244cb"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/bootstrap/js/bootstrap.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/bootstrap/js/bootstrap.min.js?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/bootstrap/js/bootstrap.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:06 GMT
etag: W/"61ed4652-92e8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/themes/perfex/js/global.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/themes/perfex/js/global.min.js?v=2.9.3
IP 51.79.11.195:0
GET /assets/themes/perfex/js/global.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:48 GMT
etag: W/"61ed467c-7c6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/datatables/datatables.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/datatables/datatables.min.js?v=2.9.3
IP 51.79.11.195:0
GET /assets/plugins/datatables/datatables.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:12 GMT
etag: W/"61ed4658-1f71f1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/bootstrap-colorpicker/css/bootstrap-colorpicker.min.css?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/bootstrap-colorpicker/css/bootstrap-colorpicker.min.css?v=2.9.3
IP 51.79.11.195:0
GET /assets/plugins/bootstrap-colorpicker/css/bootstrap-colorpicker.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:06 GMT
etag: W/"61ed4652-f9d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/css/bs-overides.min.css?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/css/bs-overides.min.css?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/css/bs-overides.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:04 GMT
etag: W/"61ed4650-2a60"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/datetimepicker/jquery.datetimepicker.full.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/datetimepicker/jquery.datetimepicker.full.min.js?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/datetimepicker/jquery.datetimepicker.full.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:12 GMT
etag: W/"61ed4658-ee46"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/builds/common.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/builds/common.js?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/builds/common.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:04 GMT
etag: W/"61ed4650-6c3d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/bootstrap-colorpicker/js/bootstrap-colorpicker.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/bootstrap-colorpicker/js/bootstrap-colorpicker.min.js?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/bootstrap-colorpicker/js/bootstrap-colorpicker.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:06 GMT
etag: W/"61ed4652-4914"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/font-awesome/css/font-awesome.min.css?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/font-awesome/css/font-awesome.min.css?v=2.9.3
IP 51.79.11.195:0
GET /assets/plugins/font-awesome/css/font-awesome.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:22 GMT
etag: W/"61ed4662-7918"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/builds/bootstrap-select.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/builds/bootstrap-select.min.js?v=2.9.3
IP 51.79.11.195:0
GET /assets/builds/bootstrap-select.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:04 GMT
etag: W/"61ed4650-10339"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/jquery-validation/jquery.validate.min.js?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/jquery-validation/jquery.validate.min.js?v=2.9.3
IP 51.79.11.195:0
GET /assets/plugins/jquery-validation/jquery.validate.min.js?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:30 GMT
etag: W/"61ed466a-5add"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/bootstrap-select/css/bootstrap-select.min.css?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/bootstrap-select/css/bootstrap-select.min.css?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/bootstrap-select/css/bootstrap-select.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:06 GMT
etag: W/"61ed4652-2b6b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/lightbox/css/lightbox.min.css?v=2.9.3 HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: text/css
last-modified: Sun, 23 Jan 2022 12:13:34 GMT
etag: W/"61ed466e-b1e"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
manager.principlerec.com/assets/plugins/jquery/jquery.min.js
51.79.11.195200 OK 0 B URL HTTP/2 manager.principlerec.com/assets/plugins/jquery/jquery.min.js
IP 51.79.11.195:0
Analyzer Verdict Alert fortinet Malware
GET /assets/plugins/jquery/jquery.min.js HTTP/1.1
Host: manager.principlerec.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://manager.principlerec.com/authentication/login
Cookie: csrf_cookie_name=a404e66cfe9426a36d3b12071fab5434; sp_session=giu65p3bbq80h6a8tc9emrce65ibvd5u
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 19:01:53 GMT
content-type: application/javascript
last-modified: Sun, 23 Jan 2022 12:13:28 GMT
etag: W/"61ed4668-152b5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2