r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4399
Expires: Mon, 06 Feb 2023 06:18:41 GMT
Date: Mon, 06 Feb 2023 05:05:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7600
Expires: Mon, 06 Feb 2023 07:12:02 GMT
Date: Mon, 06 Feb 2023 05:05:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 04:36:27 GMT
content-type: application/json
age: 1735
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15240
Expires: Mon, 06 Feb 2023 09:19:22 GMT
Date: Mon, 06 Feb 2023 05:05:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Fox/Wn7BUn0QlEZGtwvt7IUw0e/EvZI4v3521mRQwoGj/+oT9sFIpTAvZ4iElhg2GrDOy5AK+E4wpFwsfnJafA==
x-amz-request-id: 5ZSCGA9XRHN0TJ1H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 04:24:48 GMT
age: 2434
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 05:05:22 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 04:51:19 GMT
age: 844
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5095
Expires: Mon, 06 Feb 2023 06:30:18 GMT
Date: Mon, 06 Feb 2023 05:05:23 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.143.37 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.143.37:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bB8AI8fznIUBNIxc6gNrew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pSlELlWqbhXgmJEUkJKkkR63ID0=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2358
Expires: Mon, 06 Feb 2023 05:44:42 GMT
Date: Mon, 06 Feb 2023 05:05:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash cb0dab387816c4b691190ec83c2f0f06
9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358
6655307747227d7905f0eca1aaefda6147e4ae443fb9fb20cdb6a336aaab5b67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7158f70-9e7b-4725-8249-e7061700f1ee.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8528
x-amzn-requestid: e93b73c3-b49f-470a-b972-8c6fe7d9e652
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fwD8cHE3IAMFrcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dcb382-761ec61c00e22de22685c613;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 07:10:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hOW3ItcOvly9oJYApUQOk4XBKY915R-uo9SF1lfyJlo8xfFbfNl_Yw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Feb 2023 00:23:10 GMT
age: 16934
etag: "9c56d516ae0178b5b0d8bbf2b16e2e7fbe25e358"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 336b665bfad04ec8ed14b01bbf17566d
92102d4c75d2c7efd8197be88e3cb467d2682190
1e21687a242c058a3b442909b168c5e706175b1e93e51cfce691c6f033f795d7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe482817c-a09c-4952-a819-3ff2f99810ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8039
x-amzn-requestid: b36a6062-0676-4abc-820c-959bc02810f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4pkoECwIAMF4hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e022ea-52faddc079b7107004e8cfea;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:43:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MOgI0aopvRaUSJ-YFH6QFNpGxhUNlpnLk7VeCeOsmcrGTUYIESN2Hg==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:13:33 GMT
age: 24711
etag: "92102d4c75d2c7efd8197be88e3cb467d2682190"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
34.120.237.76 200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d6107217bc206ebf204dfcf832cffc04
4f370e81106ef09ce9294eaa074ff6922197ded0
2cc25b8ddf56ceb274bd147d4e54f3fc386a97f984aa3a7bcc19f083fe68b94f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5aedadb2-31f3-4d54-b851-5dd3a166179d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3943
x-amzn-requestid: 918fd8d6-0118-4548-9380-e3078577a876
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzWBtEdKoAMFwnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de03a4-6d8ffde860d89fbc513a20f9;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:05:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: hPsc7zznCEVYwIcs20winuIWf7m2aX4mg9glVuoAepKrti2Oi_mAFw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 07:09:31 GMT
age: 78953
etag: "4f370e81106ef09ce9294eaa074ff6922197ded0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a24cf7b2db6d65c3fe5daf78b3309ced
a3653a9a7baea412808dd91572ff21e1a505c26f
f55ee98bab5ce53d6acc1cac7f54f089b42d5f2ffbe750d869c4f4a7bc26f715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3288563a-8f6e-4597-833f-b5512e91e772.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13230
x-amzn-requestid: 8171829a-cf6d-4c33-99a1-f3cef7cd4475
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiTH8GoAMFYLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1597a0f06ef3db2534a101aa;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Nvfp0sEYw5bxnFHisq80WCXh6T-LdFlPqs95tyX2epjMfhM_hjUj0A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:03 GMT
age: 26121
etag: "a3653a9a7baea412808dd91572ff21e1a505c26f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7d8c3ebd17a435401c7f9fe3b8f842be
f2106be148fea23bf961fcdb69ea4cb127aa5f3e
ee708e68414539c75ddc077e0be7b75a86fd4fc9b6c1ddd1da86d0b9aca35558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ba57757-8c86-4311-801e-5e416095984a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4442
x-amzn-requestid: 1bb3d1b3-ff58-4b0d-9a2b-c25797530c5d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQG1JoAMFRtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-1bb478453ececa9613e7e4a2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9U-7wtL1xaLoE87hXcnrcTp-LCseI5ne10812N_9F_arqyi703w7Ng==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:10 GMT
age: 26114
etag: "f2106be148fea23bf961fcdb69ea4cb127aa5f3e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 25358
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
m921743x.beget.tech/
185.50.25.23 200 OK 18 kB IP 185.50.25.23:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (2230), with CRLF, LF line terminators
Hash a8625d3324901a529d04ee32aa9f7d95
5970d7d98b3638c48afe0f90192603c661f945f6
638bf94dd3e83d1830b06d0949805bc919b98f66aebb82db1a81fa3b6d3d91ec
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17912
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.1.33
Set-Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, public
Pragma: no-cache
X-Pingback: http://m921743x.beget.tech/xmlrpc.php
Link: <http://m921743x.beget.tech/wp-json/>; rel="https://api.w.org/", <http://m921743x.beget.tech/>; rel=shortlink
Vary: Accept-Encoding
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17
185.50.25.23 200 OK 4.8 kB URL HTTP/1.1 m921743x.beget.tech/wp-includes/css/dist/block-library/style.min.css?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (29271), with no line terminators
Hash dd7c1726a47a6a643915b33ff7d58ff1
af1eebb836aa766817ed21c3e35d2a3eb3e1aaba
d45cf6975f3b7ec4e2f867d0e6f718b8950a0245132bda965240d0d49c7a2c65
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Thu, 15 Apr 2021 05:36:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6077d0cd-7257"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
fonts.googleapis.com/css?family=Droid+Serif:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin
142.250.74.106 200 OK 347 B URL HTTP/1.1 fonts.googleapis.com/css?family=Droid+Serif:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin
IP 142.250.74.106:0
Hash 7879558bc66b0121e4804b544739665b
bd0860257054e8265e82bb7c33de3037ee1f066d
f82be40961adcae265ab2cbbb9bf2b005442ac3b7e62548452f814320a7fdd43
GET /css?family=Droid+Serif:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 06 Feb 2023 05:05:25 GMT
Date: Mon, 06 Feb 2023 05:05:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Montserrat:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin
142.250.74.106 200 OK 778 B URL HTTP/1.1 fonts.googleapis.com/css?family=Montserrat:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin
IP 142.250.74.106:0
Hash c683b10ef4e9c552e18f23142936d6e6
9a7bd6c17d6d00379f1be0e7b92a1658c20b357c
7350fea74396c378069074c8135bcd57b75672840a855e1a48131c2f2a78b0c8
GET /css?family=Montserrat:100,300,400,600,700,900,300italic,400italic,700italic,900italic&subset=latin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 06 Feb 2023 05:05:25 GMT
Date: Mon, 06 Feb 2023 05:05:25 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.jquery.min.js
185.50.25.23 200 OK 6.5 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.jquery.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (27346)
Hash f9097c24f3d406b0d9c12b555e1fd5be
ce26939d009e18e5671d61201ea4df374c96bc3d
711d1c56c0a53ca76d33ae6898ca1ef327770cd2438e18e79582bb6cc8620f46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.jquery.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-6b4b"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/uploads/noo_jobmonster/custom.css
185.50.25.23 200 OK 4.7 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/uploads/noo_jobmonster/custom.css
IP 185.50.25.23:0
File type ASCII text, with very long lines (14146)
Hash f9f87d551fc461b86dc2da636ef381c6
147248b2b276030c75e5519d7cfd8056cf733cda
7323fdd209923b1a8bf6aa7300b5e76bbed81d63e1bbd3eb478dfb69677b1a1e
GET /wp-content/uploads/noo_jobmonster/custom.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Thu, 08 Aug 2019 12:31:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4c1610-4f2b"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/style.css
185.50.25.23 200 OK 394 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/style.css
IP 185.50.25.23:0
Hash e43ba9244aecb94997078f4b3b29c7e2
237fbcce77c7f2baa4036bc62f56eff1e8e7f2b5
b3030d88e9f2435ed0e38fdd2bbadc7c151e8f4cc3eb6e09caf6fb2cdb425c53
GET /wp-content/themes/noo-jobmonster/style.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-26e"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.css
185.50.25.23 200 OK 2.6 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.css
IP 185.50.25.23:0
Hash 010ec4993272054567978c7cbbde6652
5d1a4ddf7c8d9a16f8cb3e708dcdd4cf7fe493fb
7f783a0f74edf44f899b02bdfbd9cdcb75fc02e0830bea91b848333055d069cd
GET /wp-content/themes/noo-jobmonster/framework/vendor/chosen/chosen.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-3250"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.css
185.50.25.23 200 OK 475 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.css
IP 185.50.25.23:0
Hash 5cb03e26b631cbf15780e40b170bd930
a33fb7c19d60c082a2fa7b51fa0ed81996c5ef2e
f987dad164395dc5c96cd46325b2a4912d63efccc7c490d7bffa11d30fdcb263
GET /wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-61c"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
maps.googleapis.com/maps/api/js?sensor=false&language=ru_RU&libraries=places
142.250.74.42 200 OK 56 kB URL HTTP/1.1 maps.googleapis.com/maps/api/js?sensor=false&language=ru_RU&libraries=places
IP 142.250.74.42:0
File type ASCII text, with very long lines (2587)
Hash 3877a42dbf896770ba53ca30b1cc4ae1
5b90cb9a86b00c778ddd85e202e01e6f902bbf8a
d7f4155d90aa1bbf35473f52ac4f78d67fdd5c1ef8b78915c9e4efaf9ffa1dbb
GET /maps/api/js?sensor=false&language=ru_RU&libraries=places HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Mon, 06 Feb 2023 05:05:26 GMT
Expires: Mon, 06 Feb 2023 05:35:26 GMT
Cache-Control: public, max-age=1800
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Encoding: gzip
Server: mafe
Content-Length: 56364
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=34
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.css?ver=5.2.17
185.50.25.23 200 OK 530 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.css?ver=5.2.17
IP 185.50.25.23:0
Hash 5ebe07cab825aaafbb892e7ca938f714
8e177dfc78dd8451f0fa514c8874775c0b252574
4d3b26ef2f11b96f9fac9be8e44820d66488b447f2787d9c1682b6d1b3dd8dec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-640"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/owl.carousel.css?ver=5.2.17
185.50.25.23 200 OK 528 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/owl.carousel.css?ver=5.2.17
IP 185.50.25.23:0
Hash a70757c9c5b45b8b3e693066dee5c63c
4ddc02d2eac2bb1a9ccc446ff1e19641ee8f7279
97e2ca1b06a80ecd57e1514d54bec8904727d25dc47f878b41d204c72e8535de
GET /wp-content/themes/noo-jobmonster/assets/css/owl.carousel.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-5c4"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
www.bing.com/api/maps/mapcontrol?key=&callback=JM_Picker_Bing_Map
204.79.197.200 302 Found 134 B URL HTTP/2 www.bing.com/api/maps/mapcontrol?key=&callback=JM_Picker_Bing_Map
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 7a9bfad1256fc46228c0ed33acb60696
b112db2ebb6750ccc763c76b38ee447c524d314d
90b385ff528acedf95ef0722da528605417674543137c5aed48e989f670073d8
GET /api/maps/mapcontrol?key=&callback=JM_Picker_Bing_Map HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private
content-length: 134
content-type: text/html; charset=utf-8
content-encoding: br
location: /maps/sdkrelease/mapcontrol?key=&callback=JM_Picker_Bing_Map
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: SUID=M; domain=.bing.com; expires=Mon, 06-Feb-2023 17:05:26 GMT; path=/; secure; HttpOnly; SameSite=None
MUID=11C805ABAFB16B423552171BAE446A4F; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
MUIDB=11C805ABAFB16B423552171BAE446A4F; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; HttpOnly
_EDGE_S=F=1&SID=3E3A8A0F49B2639A328398BF4847621D; domain=.bing.com; path=/; HttpOnly
_EDGE_V=1; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; HttpOnly
SRCHD=AF=NOFORM; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHUID=V=2&GUID=90BC7F7137D742CFB9C277DBE76E39C3&dmnchg=1; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHUSR=DOB=20230206; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
_SS=SID=3E3A8A0F49B2639A328398BF4847621D; domain=.bing.com; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: AFD10D85B0384C87AAA8655F75EB8417 Ref B: OSL30EDGE0110 Ref C: 2023-02-06T05:05:26Z
date: Mon, 06 Feb 2023 05:05:25 GMT
X-Firefox-Spdy: h2
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/genericons/genericons.css?ver=5.2.17
185.50.25.23 200 OK 16 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/genericons/genericons.css?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (19226)
Hash 3e3b96805988089945cc3f697e27519e
6cbec6a9b7cb4da55d48819f870bbe36858cbe09
c833699713c3f69a5c5c50ff5d615470bd10bc8e926022a343181289415bfb44
GET /wp-content/themes/noo-jobmonster/framework/vendor/genericons/genericons.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-6b7d"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/owl.theme.css?ver=5.2.17
185.50.25.23 200 OK 640 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/owl.theme.css?ver=5.2.17
IP 185.50.25.23:0
Hash c6fa30d1fc84594bc7ded9c901c82ddc
bbec8e94a112e95c7d4976f426299dbc15bbd77d
a16d1a7c5b64b316ed33a8967e9dcc7da855f057703190c8ba3f26bbc1cddebb
GET /wp-content/themes/noo-jobmonster/assets/css/owl.theme.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-699"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/noo.css
185.50.25.23 200 OK 69 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/css/noo.css
IP 185.50.25.23:0
File type ASCII text, with very long lines (540)
Hash bc0f643137927db3f279b64257fe82f9
46c5fc4ceeb8184d20b5ea16cd8b3af6fcfa22a5
d25d3238ef034b2912bdff9b3457571af4bfe40d2696c768a0dd9d252b8ebf27
GET /wp-content/themes/noo-jobmonster/assets/css/noo.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:25 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-7d1f9"
Expires: Mon, 13 Feb 2023 05:05:25 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/css/dashicons.min.css?ver=5.2.17
185.50.25.23 200 OK 28 kB URL HTTP/1.1 m921743x.beget.tech/wp-includes/css/dashicons.min.css?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (47529)
Hash 1a2b701fda7802e8e58f886616f80662
f77e377680820b6790d84894f8bab2a20edebc88
215dc9a68136b73bb51c080fe3a0ab2f1a0010e555de1d98a351a836fd99fdf3
GET /wp-includes/css/dashicons.min.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Thu, 15 Apr 2021 05:36:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6077d0cd-b9cc"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.css?ver=5.2.17
185.50.25.23 200 OK 3.4 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.css?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (22251)
Hash 533d2f047afd72421ae6e46f97959a05
a84a9583b4e8129e1bd17aeefe617727fecae99c
e47a98ef3de11bfbfe559aa8d3ba36891f0786caca081fd6a083d35d3bd78dfd
GET /wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-580a"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.css
185.50.25.23 200 OK 1.9 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.css
IP 185.50.25.23:0
File type ASCII text, with very long lines (4292)
Hash 62e3a6330a200c1f8c509a850a18bfea
ba6c41b78d0288fa6908157cfd1605b949d3b715
addd32ec2767675ff1736fe4faa051a81f514e64bce3e5abb282b2c20591cd46
GET /wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-21be"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
185.50.25.23 200 OK 3.5 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
IP 185.50.25.23:0
Hash 5d3de155c1949c9ef8d1b7fb935ec693
bff8965ba32cfea38f63b7a8c7fa96147c48831a
029a92ce73f43511b2d85eb5ef97662d9199cfe13f88fd506e7abf6cbc10c710
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac512-4bc2"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=20180625
185.50.25.23 200 OK 16 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=20180625
IP 185.50.25.23:0
File type ASCII text, with very long lines (18732)
Hash 2a5dbcdd7a80aa61f9140952892ef960
87556a1c5d7fe11a8dbe7fbc5b65954705969859
4bb614cdc82eb9f84e83898c910cb270bfdff9162c88b890fb081f742d337753
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/genericons.css?ver=20180625 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac512-6e88"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406
185.50.25.23 200 OK 1.3 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406
IP 185.50.25.23:0
Hash ff248dd4a387cf4f92cd494fc276cc11
2bfecdbfdbbfdeb58311da003aa6db5c4d8a64c8
14f793b371ab17ac7ac3dea5eb4ce3b76fac9da0293c2d57bf493f268f423a75
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/academicons.min.css?ver=20190406 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac512-1a66"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome.min.css?ver=20180625
185.50.25.23 200 OK 7.0 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome.min.css?ver=20180625
IP 185.50.25.23:0
File type ASCII text, with very long lines (30831)
Hash 92fd86756a0596ca7ce6dcfa15bb04f4
f4d5d903ccffa3e54896d73015d5015dd9c6d05b
58ebc785bff148cc95911a64af46d7548e013d9b7c60b61603e5e20594657b86
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome.min.css?ver=20180625 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac512-7912"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
www.bing.com/maps/sdkrelease/mapcontrol?key=&callback=JM_Picker_Bing_Map
204.79.197.200 200 OK 30 kB URL HTTP/2 www.bing.com/maps/sdkrelease/mapcontrol?key=&callback=JM_Picker_Bing_Map
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (33470), with CRLF line terminators
Hash df4d95b57a76d6b5935bdb316e0508ca
da494699ef3505c054a4485fc655b31dfb7845df
76d19925135d92333c979a2f3cef8ef17bc7da96df521d7c878529353b95d857
GET /maps/sdkrelease/mapcontrol?key=&callback=JM_Picker_Bing_Map HTTP/1.1
Host: www.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://m921743x.beget.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-length: 29731
content-type: application/javascript; charset=utf-8
content-encoding: br
vary: Accept-Encoding
p3p: CP="NON UNI COM NAV STA LOC CURa DEVa PSAa PSDa OUR IND"
set-cookie: SUID=M; domain=.bing.com; expires=Mon, 06-Feb-2023 17:05:26 GMT; path=/; secure; HttpOnly; SameSite=None
MUID=2C146C4D9D3C640B2D387EFD9CC9652C; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
MUIDB=2C146C4D9D3C640B2D387EFD9CC9652C; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; HttpOnly
_EDGE_S=F=1&SID=0ABDC784C9C26F9D0EA6D534C8376E1C; domain=.bing.com; path=/; HttpOnly
_EDGE_V=1; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; HttpOnly
SRCHD=AF=NOFORM; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHUID=V=2&GUID=5F252BD916A0486DB523A3CF55376382&dmnchg=1; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHUSR=DOB=20230206; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
SRCHHPGUSR=SRCHLANG=en; domain=.bing.com; expires=Sat, 02-Mar-2024 05:05:26 GMT; path=/; secure; SameSite=None
_SS=SID=0ABDC784C9C26F9D0EA6D534C8376E1C; domain=.bing.com; path=/; secure; SameSite=None
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 36EF0FEB32494C65A66B7126ABE2B829 Ref B: OSL30EDGE0110 Ref C: 2023-02-06T05:05:26Z
date: Mon, 06 Feb 2023 05:05:25 GMT
X-Firefox-Spdy: h2
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap-wysihtml5.css
185.50.25.23 200 OK 603 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap-wysihtml5.css
IP 185.50.25.23:0
Hash 07229a45bf882bb357f5c2c27328e932
d48ecd2965432ff4422da32bdeec3ee7957b057e
9ab800ef77fc25b55875e738e6d6dc0ec64edd13a9500839ed80f441781df36a
GET /wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap-wysihtml5.css HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-94d"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
185.50.25.23 200 OK 462 B URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
IP 185.50.25.23:0
File type ASCII text, with very long lines (1463), with no line terminators
Hash a11ed27c5bf81b65e4a44860c0a23705
ef6f85444a04ca158b920a1f5953343186732a7c
af9ea2b9d4195a00ae5cbfaf250bc18bfa9b9ebf5217769711796a3518c9b0bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 16:35:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4afdbb-5b7"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
185.50.25.23 200 OK 4.0 kB URL HTTP/1.1 m921743x.beget.tech/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 185.50.25.23:0
File type ASCII text, with very long lines (9959)
Hash a6c81e2f02bd04160d2de88c4e8f3559
e3f3c91427d785820ca97dabe738f01faf041f36
b734d83af5da0eb627e04d3e62ce652b9eb7de19667a1b91da6b93f0ea5d7ffe
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 08 Aug 2019 14:31:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4c3244-2748"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
185.50.25.23 200 OK 126 B URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
IP 185.50.25.23:0
File type ASCII text, with no line terminators
Hash ac7ecbcdc01fb980628e0ca076fd2c39
2df6d7adf64efc42e8f46243d5620c62879b59be
9f2cb415bb1b9656398091a9b2657b2dfe043c03a6526a9a12c6af51062e54c6
GET /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 16:35:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4afdbb-81"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
185.50.25.23 200 OK 46 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7
IP 185.50.25.23:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a19868758578a8a06ffc93a9200d3e8f
a77b86eebd4bdb6337e08d8c32cd209233518f17
1f560ab9bb787ffeca42076c991e9e9ef1533e31ce043ed2be4da16689eae49f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.7 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:03:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe2f-76596"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
185.50.25.23 200 OK 34 kB URL HTTP/1.1 m921743x.beget.tech/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP 185.50.25.23:0
File type ASCII text, with very long lines (31997)
Hash a5798cf6edb87e2f64df51a38eceef6a
a96934773339f6f36a5b37c5d6903ad95c062dca
d65dc5e8cea9e4daea184d6de7d896eb23d08f04b3bc20fb9b35b237e93ec6ce
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 08 Aug 2019 14:31:32 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4c3244-17a69"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.js?ver=1.0
185.50.25.23 200 OK 4.6 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.js?ver=1.0
IP 185.50.25.23:0
Hash 76cfaadfede070a3047c2e11546d82a2
949f4dea3ceb148c73cd2604c51fb02fb7eae4e3
62467eed56f4ee7defd20b0df9a1dc02e9eaa1b008b4464d493e269fa101a46f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/icon-picker/icon-picker.js?ver=1.0 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-69de"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
185.50.25.23 200 OK 18 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1
IP 185.50.25.23:0
File type ASCII text, with very long lines (64614), with CRLF line terminators
Hash f9f08906db0c9db201c229f363a85664
03879fb3cb37c7302a4e1147dcbf9f82d48624ee
0919cb684c2e2541f4f3181c9a41816b280d14a22e9ddcc430843390078c828d
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js?ver=5.4.8.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe30-fdb5"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.js
185.50.25.23 200 OK 7.2 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (27605)
Hash b0a0b7b79be8ee0242d0ebd753fffe05
fb2809a1c0f161e59e44019517bcdfaed4e5b98a
99df4a1c346657b6cde112d0008bc8b6ae60b9f403f9a683b43ea39ca95540bb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/vendor/jquery-confirm/jquery-confirm.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-6cf8"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/fontawesome/css/font-awesome.min.css?ver=5.2.17
185.50.25.23 200 OK 7.1 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/fontawesome/css/font-awesome.min.css?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (30837)
Hash 0ebb760c7d229fd1d2b3a63493306569
58961c039962ea4f5215caa2e0127a8658bcf847
18eecad8f04af6784d466cd2cad0337dea530bef457e6a7b3da473eea589b134
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/fontawesome/css/font-awesome.min.css?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-7918"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/notify.js
185.50.25.23 200 OK 8.9 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/notify.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (1497)
Hash b91daf72ddb8c2f1be10d74f019cc414
d6b14a3c493df6ceec3ca32be51735909042a09d
1b0ee553a287402cb4fc75f19e218391f936b6d924ce6069970bbe82c569e184
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/vendor/notify.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-5336"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/locationpicker.jquery.js
185.50.25.23 200 OK 4.1 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/locationpicker.jquery.js
IP 185.50.25.23:0
Hash 1910f7f9199a1d6d4a310e71f077ed03
ee3981f5ba95f51a3838f39e8aebf2c91a32771a
e08ddf714fe8bd0adf22098e9ec89b31cbf0ce450407a632a33396469432fe34
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/locationpicker.jquery.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-5306"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/modernizr-2.7.1.min.js
185.50.25.23 200 OK 3.8 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/modernizr-2.7.1.min.js
IP 185.50.25.23:0
File type HTML document text; HTML document, ASCII text, with very long lines (8447), with no line terminators
Hash 93b94fda0442e3626a9cf8896256ac98
4ab174fa51b00b7d102e0a02836c306d74b0a75a
71577791c43c32cfbebc607e9c03551d061f36ff99b9afe66f9df1db19d1de7b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/modernizr-2.7.1.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-20ff"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/dataTables.responsive.min.js
185.50.25.23 200 OK 4.6 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/dataTables.responsive.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (572)
Hash 5c23b03b5d40116891ed155a77645caf
ce1913ec431168ff52b3b1e067b9e46c1a479c0e
2422985cbb31cf1a4c75f606f5bcc026983895bcc019aa061a7e38835f0184e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/vendor/DataTables/dataTables.responsive.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-32e7"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
185.50.25.23 200 OK 4.0 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
IP 185.50.25.23:0
Hash 179ff7e7ba061cb009f29849fc15f071
f824ebc474c27b208137b68aa51d5d0d2b3a89e9
b889c73e9da05e33847d3ab6f1f98c172204c3e4cb2e4832863695f34e2270de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:33:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac4ff-3868"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/front-end-pm/assets/css/common-style.css?ver=11.1.1
185.50.25.23 200 OK 754 B URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/front-end-pm/assets/css/common-style.css?ver=11.1.1
IP 185.50.25.23:0
Hash e4b5d053690a4e68a13f9a9ffc78dd01
5933c1b40a29edcde0da46dd1e7a5a772a7bee84
7622ebbda9566aa548b75f76f47bd5c4bfb0e8079808d38e6ea6041fa5382661
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/front-end-pm/assets/css/common-style.css?ver=11.1.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 13:05:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4acc88-9a6"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
185.50.25.23 200 OK 9.6 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1
IP 185.50.25.23:0
File type Unicode text, UTF-8 text, with very long lines (5178), with CRLF line terminators
Hash 32d8fef334fd178398052529c40feb28
29002eaf2a3877bae23b4ccf8c6d72c4622145ea
50cf220734f07287449aef0d5b0ac126a2cc6148a7238449ab63e1c422c2caa1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/settings.css?ver=5.4.8.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: text/css
Last-Modified: Wed, 07 Aug 2019 12:03:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe2f-9b8c"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jquery.touchSwipe.min.js
185.50.25.23 200 OK 4.0 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jquery.touchSwipe.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (11972), with no line terminators
Hash c78d0c525b9dd41a69dd9de66fe07ece
f7ade75d47428ad048a6e238bc26f562aa30ce04
624dcc2491baebeb58aa49f392d1c10ec712302b66a7a7aab776ff8345065807
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/jquery.touchSwipe.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-2ec4"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap.min.js
185.50.25.23 200 OK 9.8 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (32003)
Hash 0bee8c57c245e51585ea2b966ce25ba5
0ad5a45376d643bb56485a512551897b148cc8b6
c525cf77b524feba202236e6e9e6e36cec09c81befcf283aacc3b06a6bce1ce5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/bootstrap.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-9004"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.js
185.50.25.23 200 OK 13 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (318)
Hash 143cdf467add0f31b8f7d9c44c572952
18430f9f215662238370f5329fb06e7396e9bab7
36b96269be907b7a9f8a1b6207a7a217557d714918bc1113093be80cecfe2d1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-multiselect/bootstrap-multiselect.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-10d84"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/js/comment-reply.min.js?ver=5.2.17
185.50.25.23 200 OK 1.0 kB URL HTTP/1.1 m921743x.beget.tech/wp-includes/js/comment-reply.min.js?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (2160), with no line terminators
Hash f393330905d21de1c465e5e59ea89dd6
344dc6d285ed039eb73ec4d8d6e766ae7a2b9c75
c5c95b0bff967815549fbb0e6ee02ac12c500440603cb4858451804a32435ddc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 15 Apr 2021 05:36:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6077d0ce-870"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.js
185.50.25.23 200 OK 124 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.js
IP 185.50.25.23:0
File type Unicode text, UTF-8 text, with very long lines (1716)
Size 124 kB (124353 bytes)
Hash 2e24c7822cff054ddbe3ce396cfcb86e
d1e924784cd488953547ee626496d9e1d34a9214
bce48ae6234819488d08d7c691811a7e75efb24fd9e30bc93074852f0657dc33
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/vendor/DataTables/datatables.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-7745d"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jplayer/jplayer-2.5.0.min.js
185.50.25.23 200 OK 13 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jplayer/jplayer-2.5.0.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (634)
Hash 4ca14fe33a487f78fb0309b6b1ca5914
d9e5861531773e87b667181bfbcbc81dc9770d2a
fc8e261991d043315d6ac81a77c75624e7713bd56fc8137dcb073c125473aaae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/jplayer/jplayer-2.5.0.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-cdde"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/hoverIntent-r7.min.js
185.50.25.23 200 OK 601 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/hoverIntent-r7.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (1169)
Hash 8d058cdd242f88462c655df6192ec6ae
3e6f78fcec50acb10c9f2933c8c1e5fbe4c695bd
7a1a218e349fdf6dac720b285e914022f5400a23e4dc9d71c3e7756d2acda0c7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/hoverIntent-r7.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-56e"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/superfish-1.7.4.min.js
185.50.25.23 200 OK 2.2 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/superfish-1.7.4.min.js
IP 185.50.25.23:0
File type Unicode text, UTF-8 text, with very long lines (3978)
Hash aaf95ab9604039959c341910c05e817a
8e219d6d10f1e319619e016affc043c753748c36
202d485e2f910df7ad56b7f400a94cb9a0bed1ec546aa6e27a33b6c673c1e127
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/superfish-1.7.4.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-15f0"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/noo.min.js
185.50.25.23 200 OK 3.4 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/noo.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (9880), with no line terminators
Hash 93e30f0dd85008abacedf06d1c5925ea
c020cac4c2a5fe001733945dfcc4d3ba3a0dc380
baaaa63afa5d559965d45cb09f2bd32963a1000300ab07871d00ed4d65bef615
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/js/min/noo.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-2698"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/jquery.blockUI.min.js
185.50.25.23 200 OK 3.3 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/jquery.blockUI.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (9161), with no line terminators
Hash 5a014eae8f7de73da621af277072d73d
7d7d2b8bccc7de39dcba898b6bc95239af9b12f1
9a55bbadbfc038b6f7f74027a5a716ba6934ca665c78d6cad79e0b19d2b547ef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/js/min/jquery.blockUI.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-23c9"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/member.min.js
185.50.25.23 200 OK 4.4 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/member.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (16005), with no line terminators
Hash bd11e27ad83be5e41f8d4f2e3b9bb808
275c718be7a9477fe4161aaf1beb98a4757d87e8
38430cbbc3660eb4bee0b6656bb44c4e2a3931cea482369b0fc4a5fcdca79989
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/js/min/member.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-3e85"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jquery-validate/jquery.validate.min.js
185.50.25.23 200 OK 7.4 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/jquery-validate/jquery.validate.min.js
IP 185.50.25.23:0
File type Unicode text, UTF-8 text, with very long lines (22932)
Hash 08bca7b78d398231767ba9e999cf14fe
a9c624fae4f82973e01a525fc3bb6b6bb779bfa1
3ab19fc3a6ab9225bdad072a165f9cb6b61b458fd89462c40b2a285a612e15d8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/jquery-validate/jquery.validate.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-5a1e"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/owl.carousel.min.js
185.50.25.23 200 OK 6.3 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/owl.carousel.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (23770), with no line terminators
Hash 5620b325c86954df5499135743caa975
1259926aa014685d0145e957cf2395c1e381f6c8
8a0778213e4113b74a5681cd9ba6f14a065a5db5f20c312b0feecf1a3228570d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/owl.carousel.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-5cda"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/noo.login.social.min.js
185.50.25.23 200 OK 1.7 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/noo.login.social.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (5610), with no line terminators
Hash fcebdd5cbaba9849129c1007373e6297
73813c683e80eee2b9d41f300b3f2d99a0634150
e4ef551710ddcfd580c7a031de854062608b210a585ebeb476b1aad49949f959
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/js/min/noo.login.social.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-15ea"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209
185.50.25.23 200 OK 290 B URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209
IP 185.50.25.23:0
Hash 3108ac869e6160526e766f7888a3e652
f850c304852ab61cc105ac3566d6784c47e11bd0
cdc8252512fe47bcbd9dd1b200d94482d532455d4afd0d6c412026b078f57509
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/js/social-icons-widget-frontend.js?ver=20170209 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4ac512-35c"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/datetimepicker/jquery.datetimepicker.js
185.50.25.23 200 OK 22 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/datetimepicker/jquery.datetimepicker.js
IP 185.50.25.23:0
File type Unicode text, UTF-8 text, with very long lines (327)
Hash 0fb0d8d6bfd6162edf32b43241eedf2a
03e8223fde8b64ed7c9310dd2bcaacbc39c19826
9172e57df8afbbcbe9ce7d67cdf87aada0ac1a1c8e5a69689f545e990a8a5cb0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/datetimepicker/jquery.datetimepicker.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-1753f"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
185.50.25.23 200 OK 38 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1
IP 185.50.25.23:0
File type ASCII text, with very long lines (27287), with CRLF line terminators
Hash d30a64aaf355e8ec20ee27634dfce995
b9e145baa8aa01a6c28a8902f52bf40f3f9171a0
902e3fcef22aaf2cdcdf1d01089d2b20ebc28905265f92f67c80a2f64e5ee47a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js?ver=5.4.8.1 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe30-1afe4"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/job.min.js
185.50.25.23 200 OK 4.4 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/assets/js/min/job.min.js
IP 185.50.25.23:0
File type ASCII text, with very long lines (17752), with no line terminators
Hash c99a7b08ff7f0c52e30eb773208ecb68
4b3a2577ce6a7b459ca38658fde4dde9e00bfc3c
04ef174221a21d48ab238e0ce680989ce005225ff04cc61a5ebeda5b362a0055
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/assets/js/min/job.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-4558"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-includes/js/wp-embed.min.js?ver=5.2.17
185.50.25.23 200 OK 739 B URL HTTP/1.1 m921743x.beget.tech/wp-includes/js/wp-embed.min.js?ver=5.2.17
IP 185.50.25.23:0
File type ASCII text, with very long lines (1391), with no line terminators
Hash 60d8829560031a011771efa2f39708af
a4689c3b70f773deb896eec78028e0902ef15097
a0176bd4cc53bd2e920b0dfd10f56d2a4a3820d671539414ef4b3e2b3e50b9b7
GET /wp-includes/js/wp-embed.min.js?ver=5.2.17 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Thu, 15 Apr 2021 05:36:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"6077d0ce-56f"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
m921743x.beget.tech/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
185.50.25.23 200 OK 5.7 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7
IP 185.50.25.23:0
File type ASCII text, with very long lines (19706), with no line terminators
Hash 7e76e8ec08b6706e3e5814ccecf4cefc
3be624813346feff0ee05ffac2d700a9411f1e6e
35f349a1c263c0e6669607bba7911e3467530bc4b12a0cbd492c6a577a3c35a7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.7 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:03:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe2f-4cfa"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
142.250.74.35 200 OK 22 kB URL HTTP/1.1 fonts.gstatic.com/s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22476, version 1.0\012- data
Hash c221fd7b9d189773de5e54745a6dc28c
9a58a6bd08f6cda6acbfaaa160375d3e1c5c93f0
aee4051a20e975b9bb6fdc20984a091eb1f55c35ea87abe441db4cdbe8c116d0
GET /s/droidserif/v19/tDbI2oqRg1oM3QBjjcaDkOr9rAU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22476
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 21:53:12 GMT
Expires: Fri, 02 Feb 2024 21:53:12 GMT
Cache-Control: public, max-age=31536000
Age: 285134
Last-Modified: Tue, 19 Apr 2022 19:19:08 GMT
Content-Type: font/woff2
m921743x.beget.tech/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7
185.50.25.23 200 OK 5.6 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7
IP 185.50.25.23:0
File type ASCII text, with very long lines (12478)
Hash 110451662a92ef88569b2d52fae3b086
712b1987586416a67c45ed59589e629ea82fd50f
383beedeb6d05008dd16e2ef1a2b526e1eb9e46b96ed988c4523517d2f2b6ef7
GET /wp-content/plugins/js_composer/assets/lib/bower/skrollr/dist/skrollr.min.js?ver=5.7 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:03:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe2f-3147"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/nOsImvSWxx4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/nOsImvSWxx4
IP 142.250.74.131:0
Hash 73ba682b91a5c1f4fec2d61ab188c5db
3cbad5c591292fb6d7e985e021cda62655df97ab
632a4dba0b3d207fad0fccd137fdbd5f5ae0c117afbd0fefe65cb2c1c582398b
POST /s/gts1p5/nOsImvSWxx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0a31b6d79db309236fb8afdd30634976
478901350be6ffb4a85646c739972d3015ef01ca
65b010ee48624bfc9a907ca6621ba9d44d712342ca5285d0bb2348b339220f07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4686
Cache-Control: max-age=130416
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:26 GMT
Etag: "63dfd2b8-117"
Expires: Tue, 07 Feb 2023 17:19:02 GMT
Last-Modified: Sun, 05 Feb 2023 16:00:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35 200 OK 31 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 30928
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 03 Feb 2023 10:07:00 GMT
Expires: Sat, 03 Feb 2024 10:07:00 GMT
Cache-Control: public, max-age=31536000
Age: 241106
Last-Modified: Mon, 11 Jul 2022 18:57:39 GMT
Content-Type: font/woff2
www.google.com/recaptcha/api.js
142.250.74.164 200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash c40fb3e99bdf4c051379206b381f995b
3cf6ce4a866abbd13ce857357061a1cfa3a27690
0c45a6582686059e9d82919355c239be284c5740680f56332419ce0516280183
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Feb 2023 05:05:26 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
142.250.74.35 200 OK 21 kB URL HTTP/1.1 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 21276, version 1.0\012- data
Hash 59c9b83cc112cf7eeb3bf7a5e96b21fe
771790b776b5e1bc3039c337024e400974184208
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 21276
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 01 Feb 2023 03:39:57 GMT
Expires: Thu, 01 Feb 2024 03:39:57 GMT
Cache-Control: public, max-age=31536000
Age: 437129
Last-Modified: Mon, 11 Jul 2022 19:01:17 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
142.250.74.35 200 OK 26 kB URL HTTP/1.1 fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 25980, version 1.0\012- data
Hash a73882a3738e4aa2ed2e10b93d97c94e
052309efbebfd9acc7e03599ddc3efcafd746feb
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
GET /s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25980
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 02 Feb 2023 01:39:35 GMT
Expires: Fri, 02 Feb 2024 01:39:35 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 19 Apr 2022 18:47:46 GMT
Content-Type: font/woff2
Age: 357951
m921743x.beget.tech/wp-content/uploads/2019/03/Devushka-s-telefonom-1920-500-1-1200x280.jpg
185.50.25.23 200 OK 20 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/uploads/2019/03/Devushka-s-telefonom-1920-500-1-1200x280.jpg
IP 185.50.25.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=650, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1920], baseline, precision 8, 1200x280, components 3\012- data
Hash d2315e9073e90cd6ed0782989a77d407
c4534f00d24820d5bc985403bb2891526c45791f
2fc478b380bb0dfe0003959d585556361d71837b88537c5688c003343a3623f7
GET /wp-content/uploads/2019/03/Devushka-s-telefonom-1920-500-1-1200x280.jpg HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: image/jpeg
Content-Length: 20058
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5d4abe33-4e5a"
Expires: Wed, 08 Mar 2023 05:05:26 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 0a31b6d79db309236fb8afdd30634976
478901350be6ffb4a85646c739972d3015ef01ca
65b010ee48624bfc9a907ca6621ba9d44d712342ca5285d0bb2348b339220f07
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4686
Cache-Control: max-age=130416
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:26 GMT
Etag: "63dfd2b8-117"
Expires: Tue, 07 Feb 2023 17:19:02 GMT
Last-Modified: Sun, 05 Feb 2023 16:00:56 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf
185.50.25.23 200 OK 50 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf
IP 185.50.25.23:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, socicon \012- data
Hash 638f87d7382086a745c9438da338d821
c8e7355dd7fdb930cffce93bdc65160e3457b6cb
a579bede0f166b157c53613b7c60d01a76c7b77dbce3bd010d4bcd9d10d8e454
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/socicon.ttf HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/socicon.css?ver=20181009
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-font-ttf
Content-Length: 50540
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
ETag: "c56c-58f86258de880"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Tue, 06 Feb 2024 05:05:26 GMT
m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
185.50.25.23 200 OK 77 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0
IP 185.50.25.23:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/social-icons-widget-by-wpzoom/assets/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://m921743x.beget.tech/wp-content/plugins/social-icons-widget-by-wpzoom/assets/css/font-awesome.min.css?ver=20180625
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Length: 77160
Connection: keep-alive
Keep-Alive: timeout=30
Last-Modified: Wed, 07 Aug 2019 12:33:22 GMT
ETag: "12d68-58f86258de880"
Accept-Ranges: bytes
Cache-Control: max-age=31536000, public
Expires: Tue, 06 Feb 2024 05:05:26 GMT
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/functions/noo-captcha.php?code=093ee
185.50.25.23 200 OK 1.3 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/functions/noo-captcha.php?code=093ee
IP 185.50.25.23:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 100x40, components 3\012- data
Hash fa82c5feb98c45c15695718c6dd20d19
a462864b1dfe6eb6a4f47816eaace6f5b2b06c5e
3ba03362d2ee4a23f88cb42a2aa7f2213cec85527ce1ed190a6dd98c918d498e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/functions/noo-captcha.php?code=093ee HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: image/jpeg
Content-Length: 1321
Connection: keep-alive
Keep-Alive: timeout=30
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, public
Pragma: no-cache
r.bing.com/rp/KWq3LekLX0_XGaoNbmcAB0p1vqs.br.js
95.101.10.122 200 OK 90 kB URL HTTP/2 r.bing.com/rp/KWq3LekLX0_XGaoNbmcAB0p1vqs.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 171f2a30057c957c27dcbc142decefd6
296ab72de90b5f4fd719aa0d6e6700074a75beab
782c475bdc612f35890a7493936adcfc7ca7eb400c47e486d6c80c5db89214bd
GET /rp/KWq3LekLX0_XGaoNbmcAB0p1vqs.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 89581
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: Fx8qMAV8lXwn3LwULezv1g==
last-modified: Mon, 30 Jan 2023 23:26:21 GMT
etag: 0x8DB031965BCC4D3
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 2fc5b73b-201e-00b9-280d-36732f000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=396735
expires: Fri, 10 Feb 2023 19:17:41 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e0
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/aopcCyTUdY-IrIC-X9z2zKDdao0.br.js
95.101.10.122 200 OK 22 kB URL HTTP/2 r.bing.com/rp/aopcCyTUdY-IrIC-X9z2zKDdao0.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 20e17d58157364f78498b499bf1faae6
6a8a5c0b24d4758f88ac80be5fdcf6cca0dd6a8d
10f880f445b478eea0fcf725f5beef4fc3685e2a54210c78b1d73fb4c2effda6
GET /rp/aopcCyTUdY-IrIC-X9z2zKDdao0.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 21866
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: IOF9WBVzZPeEmLSZvx+q5g==
last-modified: Thu, 15 Sep 2022 21:37:58 GMT
etag: 0x8DA97628EE86463
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 75299f02-a01e-0031-8039-fb9626000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=225074
expires: Wed, 08 Feb 2023 19:36:40 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e5
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/LXwe98LGHyFLJroafz0uQFclF4s.br.css
95.101.10.122 200 OK 1.5 kB URL HTTP/2 r.bing.com/rp/LXwe98LGHyFLJroafz0uQFclF4s.br.css
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4016), with no line terminators
Hash 54e9ba6ef11c4ce3dc8d65656233976a
2d7c1ef7c2c61f214b26ba1a7f3d2e405725178b
1ba82e85edf7cd22226543838d04bb1632a36ad156979f82294180312e1f3d3f
GET /rp/LXwe98LGHyFLJroafz0uQFclF4s.br.css HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 1472
content-type: text/css; charset=utf-8
content-encoding: br
content-md5: VOm6bvEcTOPcjWVlYjOXag==
last-modified: Thu, 15 Sep 2022 21:36:11 GMT
etag: 0x8DA97624F48D16B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: b88b5817-001e-00f3-4631-f8d0a0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=364787
expires: Fri, 10 Feb 2023 10:25:13 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e6
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/oRnnfKYAsGL0_JShLkNCWVFIXzE.br.js
95.101.10.122 200 OK 35 kB URL HTTP/2 r.bing.com/rp/oRnnfKYAsGL0_JShLkNCWVFIXzE.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type C source, ASCII text, with very long lines (65536), with no line terminators
Hash f8539c1498defc57d4f65a33663840de
30b90d4ff1261579989bd11efab3f6ec00840db6
f63537de7d78e8062d9a94868d7765199378675c49629aacf50316791929fe58
GET /rp/oRnnfKYAsGL0_JShLkNCWVFIXzE.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-md5: LAAOub4bcSyuk6SOFPmy3w==
last-modified: Thu, 10 Nov 2022 23:21:06 GMT
etag: 0x8DAC3723E7F362E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: e74edb65-301e-0023-7500-2bedf6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 34824
cache-control: public, no-transform, max-age=61737
expires: Mon, 06 Feb 2023 22:14:23 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e4
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/nQgMOPZdJeR1m7Y1cRrRoyX1KEQ.br.js
95.101.10.122 200 OK 33 kB URL HTTP/2 r.bing.com/rp/nQgMOPZdJeR1m7Y1cRrRoyX1KEQ.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0d4ceff0edb34913532767841ea71abb
9d080c38f65d25e4759bb635711ad1a325f52844
9fe6683b8fcec2b6341d1b951e58e11734aca7d26b83cb3e325a3cceb2cd5c5c
GET /rp/nQgMOPZdJeR1m7Y1cRrRoyX1KEQ.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 32792
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: DUzv8O2zSRNTJ2eEHqcauw==
last-modified: Fri, 04 Nov 2022 02:04:23 GMT
etag: 0x8DABE08E4A5A43A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 6f287757-a01e-006c-044e-319ca2000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=369352
expires: Fri, 10 Feb 2023 11:41:18 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e7
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1760408ca802ec18446d11d5d30f9b4
928dac94b5dc964f9a78d37e5e1ec3e27c7e0249
f1944836cfd9a7bb1fb522d9db178c1e108a6c928b4fd68db0b2f544c316fbae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1944836CFD9A7BB1FB522D9DB178C1E108A6C928B4FD68DB0B2F544C316FBAE"
Last-Modified: Sun, 05 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21533
Expires: Mon, 06 Feb 2023 11:04:19 GMT
Date: Mon, 06 Feb 2023 05:05:26 GMT
Connection: keep-alive
r.bing.com/rp/SaASvOPPupnGJ9StbwEecDBjeBM.br.js
95.101.10.122 200 OK 29 kB URL HTTP/2 r.bing.com/rp/SaASvOPPupnGJ9StbwEecDBjeBM.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 34f9fa307c5ca4d35ffa9de5a0821f58
e78c1dee2dfc1cd73918e9aafaf8e3c27d006edf
af23cdbf2be927d0835132b17dfcd3700eb46592a30984b7aa36090b37774a1c
GET /rp/SaASvOPPupnGJ9StbwEecDBjeBM.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-md5: f/2B1qP/1Bt0iGr+Z+ZDBw==
last-modified: Thu, 15 Sep 2022 21:37:45 GMT
etag: 0x8DA976286F27C41
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 46011b07-b01e-00ab-4904-f808ff000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 29205
cache-control: public, no-transform, max-age=369482
expires: Fri, 10 Feb 2023 11:43:28 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386e2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/Aul74W_D1uhwU6rtGOQjoPs6VoA.br.css
95.101.10.122 200 OK 25 kB URL HTTP/2 r.bing.com/rp/Aul74W_D1uhwU6rtGOQjoPs6VoA.br.css
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash b07b5ea84ecf77b13b4b1d510356b768
02e97be16fc3d6e87053aaed18e423a0fb3a5680
5b958a45d3c073636a65199c6b12b33587fc6ccc949f4f3c3e5d21fb8ca2fb5b
GET /rp/Aul74W_D1uhwU6rtGOQjoPs6VoA.br.css HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 25369
content-type: text/css; charset=utf-8
content-encoding: br
content-md5: sHteqE7Pd7E7Sx1RA1a3aA==
last-modified: Thu, 05 Jan 2023 21:00:02 GMT
etag: 0x8DAEF5FD0926637
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 28c2cf68-001e-0007-7afe-2b1b56000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=82426
expires: Tue, 07 Feb 2023 03:59:12 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386ed
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/LO64djWG8AVjboo0QlBeu8YC-uI.br.js
95.101.10.122 200 OK 69 kB URL HTTP/2 r.bing.com/rp/LO64djWG8AVjboo0QlBeu8YC-uI.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7b55cae5652277ec9580d166ec02c91c
2ceeb8763586f005636e8a3442505ebbc602fae2
43b4ff92ffb0c9219604019e6520221a93c7e9f102f31d0925b4c0cc1eb5780c
GET /rp/LO64djWG8AVjboo0QlBeu8YC-uI.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 69229
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: e1XK5WUid+yVgNFm7ALJHA==
last-modified: Tue, 06 Dec 2022 20:30:33 GMT
etag: 0x8DAD7C8B969DF98
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5d1cb4de-901e-003a-60fd-356d4d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=392774
expires: Fri, 10 Feb 2023 18:11:40 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386f2
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rb/3D/cir2,cc,nc/Lzu8fGHtUY0WqxVizZtDQ0Bt1Qo.css?bu=ApQHmgc&or=w
95.101.10.122 200 OK 88 kB URL HTTP/2 r.bing.com/rb/3D/cir2,cc,nc/Lzu8fGHtUY0WqxVizZtDQ0Bt1Qo.css?bu=ApQHmgc&or=w
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash a2d1c5f85220ee75d2410a34ecd2e335
297dc5ae15e6cdb095fa24518dc1a4469e1000b6
d7046df1652c21ee1a56d779ccfe57343331f6c1c0d52e4850ff67f15395fbc5
GET /rb/3D/cir2,cc,nc/Lzu8fGHtUY0WqxVizZtDQ0Bt1Qo.css?bu=ApQHmgc&or=w HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 87755
content-type: text/css; charset=utf-8
server: Kestrel
access-control-allow-headers: *
access-control-allow-origin: *
content-encoding: br
last-modified: Mon, 19 Jul 2010 15:28:30 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
useragentreductionoptout: A7kgTC5xdZ2WIVGZEfb1hUoNuvjzOZX3VIV/BA6C18kQOOF50Q0D3oWoAm49k3BQImkujKILc7JmPysWk3CSjwUAAACMeyJvcmlnaW4iOiJodHRwczovL3d3dy5iaW5nLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY4NDg4NjM5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
x-as-instrumentationoptions: AppServerLoggingMaster=1
x-as-machinename: DUBEEAP00006E95
x-as-suppresssetcookie: 1
content-security-policy-report-only: script-src https: 'strict-dynamic' 'report-sample' 'nonce-LZu9qD35PiDhbaOO4HIHpQJJfeqm4vZODSg8+Lv7VdY='; base-uri 'self';report-to csp-endpoint
report-to: {"group":"csp-endpoint","max_age":86400,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingcsp"}]}, {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingrms"}]}
cross-origin-resource-policy: cross-origin
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
cache-control: public, max-age=171206
expires: Wed, 08 Feb 2023 04:38:52 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba386ff
timing-allow-origin: *
X-Firefox-Spdy: h2
r.bing.com/rp/PgZslZuu2vcwiZciV_22IQq3Ajk.br.js
95.101.10.122 200 OK 3.4 kB URL HTTP/2 r.bing.com/rp/PgZslZuu2vcwiZciV_22IQq3Ajk.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (10376), with no line terminators
Hash d8510645f8e25120318902e1f6f49cc5
66403e8b3aeccb5ff333ba48767912a97458bf17
11e3e0c9308cf073728679091c983ac0fa20f5304009a278c571b5ae84b4ad52
GET /rp/PgZslZuu2vcwiZciV_22IQq3Ajk.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-md5: 7cn5Bc1RAzWOWbJ5CMoRuA==
last-modified: Thu, 15 Sep 2022 21:37:37 GMT
etag: 0x8DA97628248D640
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 58af28f6-201e-003f-7200-f8bf96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 3405
cache-control: public, no-transform, max-age=208872
expires: Wed, 08 Feb 2023 15:06:38 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba38703
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/M0AHramNM_vTkkJQ_Ibgt4vIkKs.br.js
95.101.10.122 200 OK 26 kB URL HTTP/2 r.bing.com/rp/M0AHramNM_vTkkJQ_Ibgt4vIkKs.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9fab9d07afa00834d55686a1eb86d880
75f6946c7e91e236de32e08a3573ac413de4d9a5
e2d4792ea1ab93c05b108d1d1a8955a11687d4d3536a8bfdcdd9d6942377a846
GET /rp/M0AHramNM_vTkkJQ_Ibgt4vIkKs.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-md5: 1UgjKIm+nexxscMA8YlBEw==
last-modified: Thu, 15 Sep 2022 21:37:44 GMT
etag: 0x8DA97628678F092
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 5a491df7-501e-000a-55e4-f8d382000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
content-encoding: gzip
content-length: 25781
cache-control: public, no-transform, max-age=354731
expires: Fri, 10 Feb 2023 07:37:37 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba38704
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
r.bing.com/rp/rH1EkhFwf4TCWD9A-tVD7jIj1tU.br.js
95.101.10.122 200 OK 2.9 kB URL HTTP/2 r.bing.com/rp/rH1EkhFwf4TCWD9A-tVD7jIj1tU.br.js
IP 95.101.10.122:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7758), with no line terminators
Hash 72a39de3fbf3985819d0333e67034901
ac7d449211707f84c2583f40fad543ee3223d6d5
02dd95716b507f472de20c93747954a93f371853efee38b367aa4fcbd0ec231a
GET /rp/rH1EkhFwf4TCWD9A-tVD7jIj1tU.br.js HTTP/1.1
Host: r.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 2851
content-type: text/javascript; charset=utf-8
content-encoding: br
content-md5: cqOd4/vzmFgZ0DM+ZwNJAQ==
last-modified: Thu, 15 Sep 2022 21:38:26 GMT
etag: 0x8DA97629F5284EE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 58af28f1-201e-003f-6e00-f8bf96000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-allow-origin: *
cache-control: public, no-transform, max-age=217583
expires: Wed, 08 Feb 2023 17:31:49 GMT
date: Mon, 06 Feb 2023 05:05:26 GMT
alt-svc: h3=":443"; ma=93600
akamai-grn: 0.760a655f.1675659926.1ba3872b
timing-allow-origin: *
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingaotak"}]}
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
X-Firefox-Spdy: h2
kupitiblog.ru/wp-content/uploads/2021/12/468x58.png
45.130.41.71 200 OK 17 kB URL HTTP/2 kupitiblog.ru/wp-content/uploads/2021/12/468x58.png
IP 45.130.41.71:0
File type PNG image data, 468 x 58, 8-bit colormap, non-interlaced\012- data
Hash 51b3c76eee26bb0a11f1119786d10391
76be77ff255e45dd55108e6dbe400c309f6b40e9
195170c7160bdf558450e086cc2577f09555013ba3a28e3c6f4b14214945447a
GET /wp-content/uploads/2021/12/468x58.png HTTP/1.1
Host: kupitiblog.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx-reuseport/1.21.1
date: Mon, 06 Feb 2023 05:05:26 GMT
content-type: image/png
content-length: 16950
last-modified: Sun, 27 Nov 2022 21:11:51 GMT
etag: "6383d297-4236"
expires: Wed, 08 Mar 2023 05:05:26 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/nOsImvSWxx4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/nOsImvSWxx4
IP 142.250.74.131:0
Hash 73ba682b91a5c1f4fec2d61ab188c5db
3cbad5c591292fb6d7e985e021cda62655df97ab
632a4dba0b3d207fad0fccd137fdbd5f5ae0c117afbd0fefe65cb2c1c582398b
POST /s/gts1p5/nOsImvSWxx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/sdk.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/sdk.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Mon, 06 Feb 2023 05:05:27 GMT
Connection: keep-alive
Content-Length: 0
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
142.250.74.42 403 Forbidden 132 B URL HTTP/1.1 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 142.250.74.42:0
File type JSON data\012- , ASCII text
Hash 3c954b0fdf7d56714cf712d02e0bf056
5c5acb630475cc6198b7191ba1adf49d72dd82f9
effda9280db937a1b47807f746c2797cdd1d44ffc3af3e1eee40306d7a9fe632
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 403 Forbidden
Vary: Origin, X-Origin, Referer
Content-Type: application/json; charset=UTF-8
Content-Encoding: gzip
Date: Mon, 06 Feb 2023 05:05:27 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
Content-Length: 132
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://m921743x.beget.tech
Access-Control-Expose-Headers: vary,vary,vary,content-encoding,date,server,content-length
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 26 kB IP 142.250.74.131:0
Hash 3a6fe592775407f21d3924d56a601945
503beda9b2e008d2f0574a1cdc74753ca28f19a5
de10505585dc0115de003bdde209a22cee05dd7a23cbd048bd0aa07019b1adc8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 504736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m921743x.beget.tech/wp-content/uploads/2018/03/banner_employer.jpg
185.50.25.23 200 OK 154 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/uploads/2018/03/banner_employer.jpg
IP 185.50.25.23:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 961x511, components 3\012- data
Size 154 kB (153887 bytes)
Hash cdcaed1ef40fe1ae3783b9e9f9d9ac8c
f8c3a42ab0d30e1a153d5183b25e50e7318e05e4
1d2222773b910ed4d7250d417ecc1ea9ca34801eb82aeaea3120f0730b92adf6
GET /wp-content/uploads/2018/03/banner_employer.jpg HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:27 GMT
Content-Type: image/jpeg
Content-Length: 153887
Last-Modified: Wed, 07 Aug 2019 12:04:02 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5d4abe32-2591f"
Expires: Wed, 08 Mar 2023 05:05:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
m921743x.beget.tech/wp-content/uploads/2018/03/banner-candidate.jpg
185.50.25.23 200 OK 141 kB URL HTTP/1.1 m921743x.beget.tech/wp-content/uploads/2018/03/banner-candidate.jpg
IP 185.50.25.23:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=512, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=962], progressive, precision 8, 962x512, components 3\012- data
Size 141 kB (140550 bytes)
Hash ea087626b6f80ee9e1e929569d699da7
ad40fd10bb4898cdf39396c8e5eebafaee411f02
3373a48197a0627c01fa6b6cae01222e1136bed0d0292660913c40063190861d
GET /wp-content/uploads/2018/03/banner-candidate.jpg HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:27 GMT
Content-Type: image/jpeg
Content-Length: 140550
Last-Modified: Wed, 07 Aug 2019 12:04:02 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "5d4abe32-22506"
Expires: Wed, 08 Mar 2023 05:05:27 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 597 B IP 93.184.220.29:0
Hash 93b32809cf5f939158cabd36e234563f
3042dcb10081c7bfddca04eb0787385f815976e9
b33eeb00bf623066674509c9cbc250c6edef43c31bc7778fc4715d80ca3b4458
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3282
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:27 GMT
Last-Modified: Mon, 06 Feb 2023 04:10:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1957)
Hash 4d6becf53725db4845bef6d0a6bc6227
31c16db7a7e467c893d8ed6782baf0b7924011ab
6f011978f090f18512b6c55e1ccef396e577b5a3f83cfc9fa2160b2477d1d4c9
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://m921743x.beget.tech/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: a3b2fbc35332d551d672d6995a5e89b2
etag: "028f42c8956ec9bb87c12db7fef1711e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 06 Feb 2023 05:24:11 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: TWvs9Tcl20hFvvbQprxiJw==
x-fb-debug: pLodjNbMv1n5Kmc/3AINMDVYsW/L/SFnJy9N9hDFIFVUOY1B1xmZ1/UKQDlXhlXwBnHqYeVRMX9dF68B3rFVmg==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 05:05:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1c08839b04520623798a6d3752711147
535035b7350cf8a4324eb69ffda7dfaaa1a29918
5ddf0cfbfe95f4690768f8ca167dcdd47f0fa7c6d076cbee0bdb225bba697429
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3282
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 05:05:27 GMT
Last-Modified: Mon, 06 Feb 2023 04:10:45 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js?hash=8a92f7bd142ed6a60a0be3d1c8b13940
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=8a92f7bd142ed6a60a0be3d1c8b13940
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 389b66f7c06c401516d5e4d2ec09be89
285228547d7c4ac1badd6b023edcea51d49a1591
0fb25f1bf7cbdddf8e644cae7545164e6cfec8322b49934bf9c5a6d963c40710
GET /en_US/sdk.js?hash=8a92f7bd142ed6a60a0be3d1c8b13940 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://m921743x.beget.tech
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 1146be1e65be8bd0d90b114f27b28d0a
etag: "34e2472be62b3db1390430e2135cc007"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 06 Feb 2024 02:51:09 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: OJtm98BsQBUW1eTS7Am+iQ==
x-fb-debug: 847sH5cLPYqvPYZZnekBw9+kHP5b8pMpXfYjLMft1VS1UDC1mIhbmiGtz7UDsvKmV1g+mTD9g/P0kxYWrQSrhA==
priority: u=3,i
content-length: 86988
x-fb-trip-id: 1904183273
date: Mon, 06 Feb 2023 05:05:27 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
wp.nootheme.com/jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png
172.67.157.168 301 Moved Permanently 162 B URL HTTP/1.1 wp.nootheme.com/jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png
IP 172.67.157.168:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 0c7d483bf9ae48584aaa8ac5d1f61cdd
6f0f5800b979066cdb300535a4a2ea0f467ff8d2
5e5c14e535f1310cdc30cfaeeadd83bba21b52102fd7f4eae41e28d33fa0530c
GET /jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png HTTP/1.1
Host: wp.nootheme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 05:05:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wp.nootheme.com/jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png
Cache-Control: max-age=7200
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URIRb4zcl66m%2BizsmIlR5l3K%2FUFVS0wwlZVcxxOefF0nQib3WvmuCX%2BF1ovDbGTXMbnI22lu0AfUj2aZQDz%2BtCAgcc88MSpx0V6Pkw8f9lX%2B4WxlAvf5U%2FwscMU5EPjHhek%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 795159d0c9251c0e-OSL
alt-svc: h2=":443"; ma=60
wp.nootheme.com/jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png
172.67.157.168 200 OK 3.8 kB URL HTTP/2 wp.nootheme.com/jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png
IP 172.67.157.168:0
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 335851db0e0e2aee7614b40620e7a7b7
19bcb009ebd546689f4ef9277ad20e1845319f8f
93c51adc77ff1672598ac4676b6d6e2d2075bb53657cf2f0497a2985c8c4a85c
GET /jobmonster/dummy2/wp-content/uploads/2015/03/noo20x20.png HTTP/1.1
Host: wp.nootheme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://m921743x.beget.tech/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 05:05:27 GMT
content-type: image/png
content-length: 3815
last-modified: Tue, 29 Sep 2020 10:52:32 GMT
etag: "5f7311f0-ee7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
cf-cache-status: HIT
age: 13668
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKcYyfTnD4CN20GKDRaGqlGeWU3AGys5siSPDqRNoxi8VDb%2FBi4jNWwjoP3rLygxj4UHGFyuZ0%2FPwoccl7%2FLnCvYPdfzMdITEJaLB7ON1QVZCj%2ByYwPiqOFH3aAXuZbiY4U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 795159d48a220afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.addtoany.com/menu/page.js
172.67.39.148 200 OK 0 B URL HTTP/2 static.addtoany.com/menu/page.js
IP 172.67.39.148:0
GET /menu/page.js HTTP/1.1
Host: static.addtoany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Feb 2023 05:05:26 GMT
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=172800
cf-bgj: minify
access-control-allow-origin: *
age: 13763
etag: W/"c04-5f1f2ae2e431b"
last-modified: Wed, 11 Jan 2023 01:11:30 GMT
vary: Accept-Encoding
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 795159cd78bcb51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap3-wysihtml5.custom.min.js
185.50.25.23 200 OK 0 B URL HTTP/1.1 m921743x.beget.tech/wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap3-wysihtml5.custom.min.js
IP 185.50.25.23:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/noo-jobmonster/framework/vendor/bootstrap-wysihtml5/bootstrap3-wysihtml5.custom.min.js HTTP/1.1
Host: m921743x.beget.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Cookie: PHPSESSID=5fbbcd3f4329d28f1e7a70eb876b93c3
HTTP/1.1 200 OK
Server: nginx-reuseport/1.21.1
Date: Mon, 06 Feb 2023 05:05:26 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 07 Aug 2019 12:04:03 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=30
Vary: Accept-Encoding
ETag: W/"5d4abe33-22a5c"
Expires: Mon, 13 Feb 2023 05:05:26 GMT
Cache-Control: max-age=604800
Content-Encoding: gzip
webtrafic.ru/ads.php?uid=6607
172.67.211.59 404 Not Found 0 B URL HTTP/2 webtrafic.ru/ads.php?uid=6607
IP 172.67.211.59:0
GET /ads.php?uid=6607 HTTP/1.1
Host: webtrafic.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://m921743x.beget.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 06 Feb 2023 05:05:26 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y91kyNwtPEh9ujSmq%2BnHAvkuyA0V36DekPmNXrNdlfhvmWezxTZxjMaRGEbSpCxGl0M5w317iovkjqfQgxhJ7wBfmW9GlGG7uvJipxId%2BxxvBOtIhmWNyKpAaVlOLcI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 795159cd6ec1b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2