Overview

URL rgsmpro.com/non-aliquam/documents.zip
IP 43.254.18.15
ASN Yuan-Jhen Info., Co., Ltd
Location Taiwan
Report completed 2022-06-23 23:30:51 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-06-23 2 rgsmpro.com/non-aliquam/documents.zip Malware
2022-06-23 2 rgsmpro.com/js/morphext.min.js Malware
2022-06-23 2 rgsmpro.com/js/jquery.countTo.js Malware
2022-06-23 2 rgsmpro.com/js/jquery.easing.min.js Malware
2022-06-23 2 rgsmpro.com/images/logo.svg Malware
2022-06-23 2 rgsmpro.com/js/validator.min.js Malware
2022-06-23 2 rgsmpro.com/js/scripts.js Malware
2022-06-23 2 rgsmpro.com/js/popper.min.js Malware
2022-06-23 2 rgsmpro.com/js/jquery.magnific-popup.js Malware
2022-06-23 2 rgsmpro.com/js/isotope.pkgd.min.js Malware
2022-06-23 2 rgsmpro.com/js/bootstrap.min.js Malware
2022-06-23 2 rgsmpro.com/js/jquery.min.js Malware
2022-06-23 2 rgsmpro.com/js/swiper.min.js Malware
2022-06-23 2 rgsmpro.com/non-aliquam/documents.zip Malware
2022-06-23 2 rgsmpro.com/webfonts/fa-solid-900.woff2 Malware
2022-06-23 2 rgsmpro.com/webfonts/fa-brands-400.woff2 Malware
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (11)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] rgsmpro.com (24) 0 2020-08-26 21:13:29 UTC 2022-06-15 17:31:04 UTC 43.254.18.15 Unknown ranking
[Mnemonic Passive DNS] ocsp.pki.goog (7) 175 2017-06-14 07:23:31 UTC 2022-06-23 11:59:42 UTC 142.250.74.3
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (5) 1631 2017-09-01 03:40:57 UTC 2022-06-23 14:13:18 UTC 34.120.237.76
[Mnemonic Passive DNS] r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-06-23 04:53:45 UTC 23.36.77.32
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-06-23 04:53:43 UTC 54.230.111.7
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-06-23 16:00:56 UTC 93.184.220.29
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-06-23 04:55:40 UTC 35.160.51.228
[Mnemonic Passive DNS] fonts.googleapis.com (2) 8877 2017-01-30 04:59:43 UTC 2019-10-16 05:12:41 UTC 142.250.74.10
[Mnemonic Passive DNS] fonts.gstatic.com (3) 0 2017-01-30 04:59:51 UTC 2022-06-23 04:54:56 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.65


Recent reports on same IP/ASN/Domain

Last 8 reports on IP: 43.254.18.15

Date UQ / IDS / BL URL IP
2022-07-05 14:04:23 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-05 02:52:52 +0000 0 - 0 - 12 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-03 12:00:37 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-01 21:54:18 +0000 0 - 0 - 15 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-29 08:35:40 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-28 07:58:40 +0000 0 - 0 - 15 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-27 08:13:11 +0000 0 - 0 - 14 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-22 22:31:23 +0000 0 - 0 - 14 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15

Last 10 reports on ASN: Yuan-Jhen Info., Co., Ltd

Date UQ / IDS / BL URL IP
2022-07-05 14:04:23 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-05 02:52:52 +0000 0 - 0 - 12 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-03 15:42:37 +0000 0 - 0 - 12 www.summerland.com.tw/upload/files/bux-free-r (...) 103.1.221.109
2022-07-03 12:00:37 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-02 10:18:04 +0000 0 - 0 - 1 www.wang-sheng.com.tw/portal_c1_cnt.php?owner (...) 103.17.9.208
2022-07-01 21:54:18 +0000 0 - 0 - 15 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-01 06:13:56 +0000 0 - 0 - 0 www.amashop.tw/cdmall/smilepay.zip 103.17.8.63
2022-07-01 06:13:22 +0000 0 - 0 - 0 www.amashop.tw/cdmall/vqmod.zip 103.17.8.63
2022-07-01 06:13:06 +0000 0 - 0 - 0 www.amashop.tw/cdmall/template.zip 103.17.8.63
2022-07-01 06:13:04 +0000 0 - 0 - 0 www.amashop.tw/cdmall/upload.zip 103.17.8.63

Last 8 reports on domain: rgsmpro.com

Date UQ / IDS / BL URL IP
2022-07-05 14:04:23 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-05 02:52:52 +0000 0 - 0 - 12 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-03 12:00:37 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-07-01 21:54:18 +0000 0 - 0 - 15 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-29 08:35:40 +0000 0 - 0 - 16 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-28 07:58:40 +0000 0 - 0 - 15 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-27 08:13:11 +0000 0 - 0 - 14 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15
2022-06-22 22:31:23 +0000 0 - 0 - 14 rgsmpro.com/non-aliquam/documents.zip 43.254.18.15


JavaScript

Executed Scripts (13)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (53)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "22A7AFFA696C3188DD074DEB68A2EC519EA227AC839D0238C9F82660B9E14D6A"
Last-Modified: Tue, 21 Jun 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17763
Expires: Fri, 24 Jun 2022 04:26:37 GMT
Date: Thu, 23 Jun 2022 23:30:34 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 23 Jun 2022 22:33:44 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xLcx87o9t5KopnxeIyQDDiDxahsPZGEA3biAdgT9XL78DltNmbIHgg==
Age: 3410


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 23 Jun 2022 02:10:52 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7QHdOHdKGkFl6fwFfVNwu7Bgtnvdxxnu3CR5Gk7AIOn56T1WAcD0xw==
age: 76783
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Thu, 23 Jun 2022 23:30:34 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /non-aliquam/documents.zip HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         43.254.18.15
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Server: openresty
Date: Thu, 23 Jun 2022 23:30:35 GMT
Content-Length: 253
Connection: keep-alive
Location: https://rgsmpro.com/non-aliquam/documents.zip


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   253
Md5:    107b8b136a05f0e4cc5856823608c3d6
Sha1:   0cf1a0d0839f4f6bf397b38c352555a9b8b85e7c
Sha256: adc0dccb1a2b6f39740379df2d88f615101df4c9fe16a04e35a80cd0fcb17afb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 23 Jun 2022 23:11:58 GMT
Expires: Thu, 23 Jun 2022 23:39:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -XrnEglkRxaBGdG82nsQIHlO7IFEbCEZaOv9PVOlT-FBHn8QbvLTLA==
Age: 1117


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3857
Cache-Control: max-age=121270
Date: Thu, 23 Jun 2022 23:30:35 GMT
Etag: "62b41f40-1d7"
Expires: Sat, 25 Jun 2022 09:11:45 GMT
Last-Modified: Thu, 23 Jun 2022 08:07:28 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LHPKxJqf5TlbcYa+XGIc6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.160.51.228
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RHU/e4nOyP+23jmMnoqmdRtSs+8=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "2E06B9B385D9CDB1B49CAD8785D2372F08BE85E7D9FF7B5176E3E941371AFDA2"
Last-Modified: Thu, 23 Jun 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21562
Expires: Fri, 24 Jun 2022 05:29:58 GMT
Date: Thu, 23 Jun 2022 23:30:36 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 23 Jun 2022 23:30:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 23 Jun 2022 23:30:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 23 Jun 2022 23:30:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10139
Expires: Fri, 24 Jun 2022 02:19:36 GMT
Date: Thu, 23 Jun 2022 23:30:37 GMT
Connection: keep-alive

                                        
                                            GET /css?family=Montserrat:600,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Jun 2022 23:30:36 GMT
date: Thu, 23 Jun 2022 23:30:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1043
Md5:    2a414b09005d6d1c74dc54412feb6552
Sha1:   aeeb3bc2dce8b8d437c908dae24289f7d5b1af94
Sha256: 1f65e92bff3940f6d88437c266755baccb330fb71b79b091ac8262bb93888e23
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10139
Expires: Fri, 24 Jun 2022 02:19:36 GMT
Date: Thu, 23 Jun 2022 23:30:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10139
Expires: Fri, 24 Jun 2022 02:19:36 GMT
Date: Thu, 23 Jun 2022 23:30:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1394332035FF30FC505CCB0EB81DD131660600CACDD2559D109B725075B69669"
Last-Modified: Tue, 21 Jun 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10139
Expires: Fri, 24 Jun 2022 02:19:36 GMT
Date: Thu, 23 Jun 2022 23:30:37 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8773da87-c09d-42d7-9054-5fd332193a06.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 10163
x-amzn-requestid: e50196c4-867f-4cd7-9d2f-de07b0c514a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UMdEUHjFIAMF6vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b4dbb5-1cf97b3d0b970df06b091796;Sampled=0
x-amzn-remapped-date: Thu, 23 Jun 2022 21:31:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8g-6kAldCwE5olUMewrXMhVZvVLlgX3WPIYH4C8nJe8rydC9GVGE5Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 22:02:01 GMT
age: 5316
etag: "a63fe56db3c08a52bec457c869094fb37d4abdcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10163
Md5:    486e472ddbc5dc4684b18d17e6cacd7d
Sha1:   a63fe56db3c08a52bec457c869094fb37d4abdcd
Sha256: 046c795f40b6f080bf9e97ee894e88126cb64fa87a3e3c96c990f25c310adbef
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3892679f-4cba-4b4d-9999-d06aff9c2708.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8993
x-amzn-requestid: 08f08197-4277-4810-82d0-c0e0fbc206e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: T9Z0wFeZoAMFe-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62aed684-7b0350b01666a9782ce4b7ef;Sampled=0
x-amzn-remapped-date: Sun, 19 Jun 2022 07:55:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0yGnupHWNJtm8eX4dRno7ysl_RV8pMeZwm7o2NaLFbUwW3aE8zSeXw==
via: 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 05:57:27 GMT
age: 63190
etag: "b71ad03b98790dd12453b50ac6434a2d6b50c5cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8993
Md5:    4760b9caf6104b37434b30e11467dab9
Sha1:   b71ad03b98790dd12453b50ac6434a2d6b50c5cf
Sha256: 8e8d01b1e92d019dfead23f89323c85f540698328b42d780bfc9850e9185644d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd503013e-1d8c-401f-9cec-1ff9f66e12cc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6301
x-amzn-requestid: 9626bf34-3a9c-4ceb-b1ce-a6850ac5e08e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UHxQ6GTwIAMFpBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b2fc05-3b334b5b16dea3084acc58e6;Sampled=0
x-amzn-remapped-date: Wed, 22 Jun 2022 11:24:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NYjWJg3ZDJuiVVXOP2XhQba_4_Dj7cyfljOVt6EeUEHKeFZHfr316A==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 13:05:59 GMT
age: 37478
etag: "0d1c278b921fb50ab3e7c31851f099efbecbbbc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6301
Md5:    86fa458d383f4e14f204f22d50693fb6
Sha1:   0d1c278b921fb50ab3e7c31851f099efbecbbbc2
Sha256: 94629bc0b7076f2af81b4507f9fe8bd2b5cc71ea751957e38101e4220f3681e0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa820a46a-765f-44c7-a419-1416079d7858.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 14752
x-amzn-requestid: 3198cf2a-fea9-41f0-985c-404fb3f7b0d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UC6TDFLPIAMF7Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b10a79-3f7fa56b3cf26b5c4092f635;Sampled=0
x-amzn-remapped-date: Tue, 21 Jun 2022 00:02:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: egolKRje-6jaJseK9_atbODoixEI0Ax5pkWlQH55Awj5c2xcNUxMKA==
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 01:07:33 GMT
age: 80584
etag: "70511c4ed709ee934897dfb4d67e4dcb162acc29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   14752
Md5:    04d57f33c32649ce18f99c9063b7ca02
Sha1:   70511c4ed709ee934897dfb4d67e4dcb162acc29
Sha256: 321e550281abc225a3176edb6b69b020c7432d284fdd89adc53195c343529c09
                                        
                                            GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
                                        
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 23 Jun 2022 23:30:36 GMT
date: Thu, 23 Jun 2022 23:30:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8566
Md5:    b437535c3518d4130bcaa850f23bf6ea
Sha1:   b741abe2b0ec6a8610f49c2b5a01b98f0621896b
Sha256: ad43cea693ec069f77ff4294c715fc758a30bf44edadcf8441cd1b0d0937cdfc
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b96f859-10eb-474c-8b8c-9e5902b28bd8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 4878
x-amzn-requestid: 3caca75d-3753-41f1-a4ec-277c173b26b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UJgx6FZ0IAMFbFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62b3ae72-39f08dc910314e8f247ffd44;Sampled=0
x-amzn-remapped-date: Thu, 23 Jun 2022 00:06:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0PmqyPibimYVX8rYVY3HbTcsEGTrWDA5L40dzwo1fS0CCyJrgMJOJg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 23 Jun 2022 00:24:25 GMT
age: 83172
etag: "1abc297d329369f4aee445a5eabab7fa089ce764"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4878
Md5:    c90b3735180499df633f9fc6272ff632
Sha1:   1abc297d329369f4aee445a5eabab7fa089ce764
Sha256: 00f8db77cec74be5fb70d1d5bd351fee3dfdc2d807a861184f28e47344a760ad
                                        
                                            GET /css/bootstrap.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Thu, 04 Feb 2021 11:14:59 GMT
accept-ranges: bytes
content-length: 173597
content-type: text/css
date: Thu, 23 Jun 2022 23:30:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   173597
Md5:    d26ecc887c12f855a908679dae6704e3
Sha1:   eb513f44232e0854b251fc2b499bdbf9ad59e3e7
Sha256: 4a64845cd000ad3810f1247a90aa723ff37e8c0f1ff2af0aa46d2a4257522a8b
                                        
                                            GET /css/styles_h1-large_add.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Thu, 05 Nov 2020 04:04:27 GMT
accept-ranges: bytes
content-length: 459
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   459
Md5:    691880376a46414a9278ed478b499df8
Sha1:   fd3fb5f4be96506e04ebe5df1ade78784d21fec2
Sha256: 1a68e8b26b5a9b6bb2f27b57f81b51806cf1628830bd43df65b56a3f34722945
                                        
                                            GET /js/morphext.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 1014
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1014), with no line terminators
Size:   1014
Md5:    6db5449e756b858fc376ea662aab817a
Sha1:   384a56b05af02a655286bd9f52a25653aed2a7ac
Sha256: a86df3be0eff7f90991f057c21e6907c16391e6f8cd0a4773cc93d9401e9dfdb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/wait.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 08 Jun 2021 13:36:49 GMT
accept-ranges: bytes
content-length: 563
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   563
Md5:    3a2ca91aeaee54a7a00f32c1fab72189
Sha1:   8fdc357f963a14536734df3d0a14b73cf44712cb
Sha256: c2f61002e419d447a47e766cc000007d4ffe92d8adfeaf312b8072124e35eec2
                                        
                                            GET /css/magnific-popup.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:16 GMT
accept-ranges: bytes
content-length: 6951
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6951
Md5:    30b593b71d7672658f89bfea0ab360c9
Sha1:   d6963db6faa9294387bb3175813a61bc3f859437
Sha256: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
                                        
                                            GET /js/jquery.countTo.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 3752
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3752
Md5:    1a5c26e1a4aa761ff5ef8130a464c4dc
Sha1:   e8966f581ce5f97b055d54571730e0fc1ad378f7
Sha256: c455ee54aa8e166e7115ab64be9ca2485b2777c720c5ff169aaa4938d1cf5b40

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/swiper.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:16 GMT
accept-ranges: bytes
content-length: 22252
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1468)
Size:   22252
Md5:    1851f33dc9691c0e3add75ed375d01d2
Sha1:   adbf7407cf26fab5c7b616e7d01db7603c4f4cf5
Sha256: 236deb28a05cd3e421dfc28b93417c91f98ba1043d178752d1ff34eb825fbbc2
                                        
                                            GET /css/styles.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Fri, 20 Aug 2021 02:01:18 GMT
accept-ranges: bytes
content-length: 47671
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   47671
Md5:    6fdabafc868789b1d3e634d913ca38e7
Sha1:   61200872169a198f30cafd156bc3bc013579b97c
Sha256: 07718e0cbf0292cbef91f72e6161bee950a2255c3b7e2f6b6ac45f6f84d620f3
                                        
                                            GET /js/jquery.easing.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 5958
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (4004)
Size:   5958
Md5:    b62c744f5635480a0eabd225a04b7452
Sha1:   e1fd1d78867a8171c0f69148f350c098e4d4c8d0
Sha256: f9b2277cb79f77cfa984fc713bda988da89f9699509a30eee234404efa79b32e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css/fontawesome-all.css HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:16 GMT
accept-ranges: bytes
content-length: 51609
content-type: text/css
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (317)
Size:   51609
Md5:    0a2ed388e9c6ab831acb42c006aa91a3
Sha1:   a4c3b243e5c4952207fffbfaec2109646fd0238b
Sha256: 022726742abc2f7fe2465c44525098c41abe3f82b8084140bdc5ad477dcb5af1
                                        
                                            GET /images/logo.svg HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 10 Aug 2021 07:41:19 GMT
accept-ranges: bytes
content-length: 5900
content-type: image/svg+xml
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   5900
Md5:    40d0b62c02878163adbd5eff03e9ba97
Sha1:   b15557ede7be1066fd9c9d79b124ae1c097fb9bd
Sha256: 1d394434239c226a6ea0bc3042ee884d9c8acadf90cb85e8015d29b0f759b193

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /images/loading.gif HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 10 Aug 2021 07:41:19 GMT
accept-ranges: bytes
content-length: 17851
content-type: image/gif
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 235 x 235\012- data
Size:   17851
Md5:    f0851a0e9a4e1974cb040decf8efaab0
Sha1:   9014380a8ac2f162f47543f7a4dbd9d70c4c7635
Sha256: 15299eef44507f20ce996db2da88e668377dd7cc573373a10d07e394396890c5
                                        
                                            GET /js/validator.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 8925
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7453)
Size:   8925
Md5:    06b115e7b21a5c38565a728c6208ffc3
Sha1:   dd3ff164c9e06b75fed5c1180efbdefe809c8c26
Sha256: 7a36764fad50aefeda6dc9a7ffa8f37c1b79cab2c00111ab7f7650b26397cdb3

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/scripts.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 08 Jun 2021 13:39:59 GMT
accept-ranges: bytes
content-length: 12318
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   12318
Md5:    98f980175bc01f7573d5e6dc3abd1337
Sha1:   4e06a32df0537bee4d25d0c9c076f17eab104a72
Sha256: 26c94fafe400aaf043feec95e565fe4206999bf0ce6309e37b1c8ac6d025de05

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/popper.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 20337
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (20164)
Size:   20337
Md5:    83fb8c4d9199dce0224da0206423106f
Sha1:   d8503645c17f9856868a7def3dc0505e19a95ec7
Sha256: f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/jquery.magnific-popup.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 21678
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (21547)
Size:   21678
Md5:    7790b276800430f76800dcf5c23975f2
Sha1:   07827b88639608e31a913e8985c87081ac7eb542
Sha256: ca682da05f4de47c26f8d1bf8a2604a9d7c61ab60d20860e0c883099a29f07ac

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/isotope.pkgd.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 35445
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32019)
Size:   35445
Md5:    2afcff647ed260006faa71c8e779e8d4
Sha1:   c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98
Sha256: 081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 51039
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (50758)
Size:   51039
Md5:    67176c242e1bdc20603c878dee836df3
Sha1:   27a71b00383d61ef3c489326b3564d698fc1227c
Sha256: 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 23 Jun 2022 23:30:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rgsmpro.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12804
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Jun 2022 17:14:56 GMT
expires: Wed, 21 Jun 2023 17:14:56 GMT
cache-control: public, max-age=31536000
age: 195342
last-modified: Tue, 26 Apr 2022 14:39:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12804, version 1.0\012- data
Size:   12804
Md5:    eb7d03ac4d0688b70a1b20d09ddac526
Sha1:   3664d3efad896b6280b3737d21d3b63ce65a80a8
Sha256: 1efb6b34aee777f657af03fc18ab7ec444bcb7025b175edbd489c3c984035f34
                                        
                                            GET /s/montserrat/v24/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXo.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rgsmpro.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12708
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Jun 2022 17:15:49 GMT
expires: Wed, 21 Jun 2023 17:15:49 GMT
cache-control: public, max-age=31536000
age: 195289
last-modified: Tue, 26 Apr 2022 14:37:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 12708, version 1.0\012- data
Size:   12708
Md5:    2cf5a6461ec731526fd48b30fc1a8379
Sha1:   0a9c5920cef6c25ae593b30f6b3a0ed2e0c191eb
Sha256: e7816b6bd80713ced0fabbf061d7ad97d6d1ff4fbf94a1e2b17fbd61421a3a17
                                        
                                            GET /s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rgsmpro.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Jun 2022 19:34:58 GMT
expires: Thu, 22 Jun 2023 19:34:58 GMT
cache-control: public, max-age=31536000
age: 100540
last-modified: Wed, 11 May 2022 19:25:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 16720, version 1.0\012- data
Size:   16720
Md5:    c416910cae8fe4258cdf8c35933e9f4c
Sha1:   4a768ba0a3abc49b572c08c235db9f066ffc2b18
Sha256: 9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
                                        
                                            GET /js/jquery.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 86927
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   86927
Md5:    a09e13ee94d51c524b7e2a728c7d4039
Sha1:   0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
Sha256: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /js/swiper.min.js HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rgsmpro.com/non-aliquam/documents.zip
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:19 GMT
accept-ranges: bytes
content-length: 120744
content-type: application/javascript
date: Thu, 23 Jun 2022 23:30:37 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65274)
Size:   120744
Md5:    b1f64dfa2d087716f481fa44c2081015
Sha1:   9d58d6faa734363bd967c589e349d53e1a79ad91
Sha256: 84b8d2fe1999ee412b63c8a0fde3de58d3d4459d51c095bb7b7102af43a41478

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /non-aliquam/documents.zip HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
set-cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; expires=Fri, 24-Jun-2022 00:30:36 GMT; Max-Age=3600; path=/ PHPSESSID=f1cgsohu3l417s4hatru90rs52; path=/
content-type: text/html; charset=UTF-8
date: Thu, 23 Jun 2022 23:30:36 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   14346
Md5:    924155d06ebd64900bd91f0f8c35224c
Sha1:   f243b3374aefb9fabcd164fb3d2154bc9c7cdd8c
Sha256: afcc76b371e68134b191bf4a7fa5ad46a051c35314767c4139076cfbcb3fe3a1

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rgsmpro.com/css/fontawesome-all.css
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:25 GMT
accept-ranges: bytes
content-length: 50372
content-type: font/woff2
date: Thu, 23 Jun 2022 23:30:38 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 50372, version 1.0\012- data
Size:   50372
Md5:    8a8c0474283e0d9ef41743e5e486bf05
Sha1:   1ba4dd60af529d1a72d0e57467c3bc0bbb728a4d
Sha256: cbbca7d9888b4a9eab7d479756d2924f9b067fd38dab376797029df741f96ee4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: rgsmpro.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://rgsmpro.com/css/fontawesome-all.css
Cookie: web_session=w1FBIievXy9GqZEWEsRlSHUMB1ekz%2F%2Fv0MAgdEEOrgL6QPAmKuHzFd2qfTNZXkcBkx2E1RUTJioRH5erstTYwFmfaP%2F8YL8CBapqXVCJsNWP2Z4VWf1SKszOK%2FO1OmAyeGCZKXMdyyEB77wBRa4TYryu3vPlOM0%2Feel0Z6dfx2QS1%2BrtoAJ9NW%2FB6gekFYcmjWYqzP2QJthqoehYB%2BZQ0KKt6%2B7VvUeu2ZDMjdzg3v22ctKP2giCgGI5QxqUXkfVp0SzmVirgMwY9QnNNntOXRxGjqjg94J6StpX501vptN1v4BZpfBZWtQ38nyaA5uE4xZ5xjQ5eURJR3fSDFU3vInqaYSCiIvdYc6GekX51eQJ8jLdPiVoYXoFv7q4u91n5d7be9d25a0eb3a80d8e51ac7c54abb122a92e9d; PHPSESSID=f1cgsohu3l417s4hatru90rs52
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         43.254.18.15
HTTP/2 200 OK
                                        
last-modified: Tue, 15 Sep 2020 19:16:25 GMT
accept-ranges: bytes
content-length: 61336
content-type: font/woff2
date: Thu, 23 Jun 2022 23:30:38 GMT
server: Apache
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 61336, version 1.0\012- data
Size:   61336
Md5:    3654744dc6d6c37c9b3582b57622df5e
Sha1:   0ec12ea1707f5bc812b627f41cccad2aff01e54b
Sha256: 1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Alerts:
  Blocklists:
    - fortinet: Malware