| test.igmg.site/ |  51.195.6.66 | 301 Moved Permanently | 162 B |
IP51.195.6.66:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET / HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 15:02:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://test.igmg.site/
|
|
| r3.o.lencr.org/ |  23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashf2acd891dc6eb1f09f57a2b086791781 1e2088306501a61edcca1ade62c4d54f23b3b083 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15024
Expires: Thu, 08 Dec 2022 19:12:37 GMT
Date: Thu, 08 Dec 2022 15:02:13 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash388f6fea5bafa378266622b72311a6ee 447f102dc12172ce1ba44c5e94e1d7bb49d43372 a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18043
Expires: Thu, 08 Dec 2022 20:02:56 GMT
Date: Thu, 08 Dec 2022 15:02:13 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 14:08:13 GMT
content-type: application/json
age: 3240
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash00e7703bd74975689fc9050356aaca6b 9788fe6a36d6f278e8da329ebc5dd87bcd212317 593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2372
Expires: Thu, 08 Dec 2022 15:41:45 GMT
Date: Thu, 08 Dec 2022 15:02:13 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5+jGMBTXyd2YMTeqPnURAnOg5GYDuk5K2Q05VC+fqiJwlaFEcjC3p/36Czx6lT/EJYGrkKSiI+w=
x-amz-request-id: VEXKF5F1TNT3ZFGP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 14:49:49 GMT
age: 744
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash87cbb503f18bb6585ba565822a3a53b4 0a17de712ba84d703976be08511d70ac992bac9a 147856890dd18c63930619d8a17dde8b088cbf384db6a39cbd31f4c2d3983faa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "147856890DD18C63930619D8A17DDE8B088CBF384DB6A39CBD31F4C2D3983FAA"
Last-Modified: Thu, 08 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21524
Expires: Thu, 08 Dec 2022 21:00:57 GMT
Date: Thu, 08 Dec 2022 15:02:13 GMT
Connection: keep-alive
|
|
| cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css |  104.17.25.14 | 200 OK | 1.5 kB |
URL HTTP/2cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css IP104.17.25.14:0
Hash593403dc4ce9adcdf7d8b44f18513be3 ab9859e2e1e1440884c15e707e9c2eb655c60711 8dfffecd68c0f0dec371039f73aeb8d4d8551e350b42cca7da50e2d7df142263
GET /ajax/libs/dropzone/5.4.0/dropzone.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css; charset=utf-8
content-length: 1464
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e3e-312b"
last-modified: Mon, 04 May 2020 16:09:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 59401
expires: Tue, 28 Nov 2023 15:02:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5f4ACM6bhjhCxu7JMdyX4c7%2FsUSW4uPBNgv3%2FV%2F5xkYnopw2Fi%2Ffs65Yea%2FbWYoF%2FZZ45GArU6dVyFzIp19bPHI3GHP1Ru4nBphptvqKqnPI8hKlbodvigyqsu5MseXwYgbarLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7766617f1ba7b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashf6fada364fc732a3cf0eaa10e2a51b22 5cd19b4cabaeb3a174a2c82a253240ef8badc5ec ac754e82026ee52daf1f4e3bf36c12e39efdcb318c093f25c1218f0be3f36f1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2591
Cache-Control: max-age=88557
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Etag: "6390a944-117"
Expires: Fri, 09 Dec 2022 15:38:10 GMT
Last-Modified: Wed, 07 Dec 2022 14:55:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashf6fada364fc732a3cf0eaa10e2a51b22 5cd19b4cabaeb3a174a2c82a253240ef8badc5ec ac754e82026ee52daf1f4e3bf36c12e39efdcb318c093f25c1218f0be3f36f1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2595
Cache-Control: max-age=88562
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Etag: "6390a944-117"
Expires: Fri, 09 Dec 2022 15:38:15 GMT
Last-Modified: Wed, 07 Dec 2022 14:55:00 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashf6fada364fc732a3cf0eaa10e2a51b22 5cd19b4cabaeb3a174a2c82a253240ef8badc5ec ac754e82026ee52daf1f4e3bf36c12e39efdcb318c093f25c1218f0be3f36f1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2591
Cache-Control: max-age=88557
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Etag: "6390a944-117"
Expires: Fri, 09 Dec 2022 15:38:10 GMT
Last-Modified: Wed, 07 Dec 2022 14:55:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashf6fada364fc732a3cf0eaa10e2a51b22 5cd19b4cabaeb3a174a2c82a253240ef8badc5ec ac754e82026ee52daf1f4e3bf36c12e39efdcb318c093f25c1218f0be3f36f1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2574
Cache-Control: max-age=88541
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Etag: "6390a944-117"
Expires: Fri, 09 Dec 2022 15:37:54 GMT
Last-Modified: Wed, 07 Dec 2022 14:55:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash6ec5f6261a8262e9f94b29627f54cefe 7ac766cf2ac8c2d960ec033388a767ff8a7d45e2 5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| test.igmg.site/images/program3.png?r=108756114 | 51.195.6.66 | 200 OK | 2.4 kB |
URL HTTP/2test.igmg.site/images/program3.png?r=108756114 IP51.195.6.66:0
File typePNG image data, 92 x 83, 8-bit/color RGBA, non-interlaced\012- data Hash00ac55dafb6bed7c22fa6f79e268bffa e3a16f6fa4b23db5ac1567a7f7a25ee8b30176cd 2fd5cbee7816a3a0ac5863064f0e7836fc5f2e9e53174984139aaa02a108f31c
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program3.png?r=108756114 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 2358
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-936"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/program4.png?r=1353364513 | 51.195.6.66 | 200 OK | 2.4 kB |
URL HTTP/2test.igmg.site/images/program4.png?r=1353364513 IP51.195.6.66:0
File typePNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data Hash7385f9e6996f26e048e0656af1a63b55 da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program4.png?r=1353364513 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 2363
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-93b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/program7.png?r=15032596 | 51.195.6.66 | 200 OK | 17 kB |
URL HTTP/2test.igmg.site/images/program7.png?r=15032596 IP51.195.6.66:0
File typePNG image data, 143 x 132, 8-bit/color RGB, non-interlaced\012- data Hasheeb2d5fe356d71a3128c903cb041b306 a9b1c3099a347e38a886a075a6a75737631c9667 314f0cf28a9f6341b3c47f96c0ecf06a7c929b495b502907a987afed8fa7feed
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program7.png?r=15032596 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 16669
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-411d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/program1.png?r=415120264 | 51.195.6.66 | 200 OK | 3.9 kB |
URL HTTP/2test.igmg.site/images/program1.png?r=415120264 IP51.195.6.66:0
File typePNG image data, 85 x 82, 8-bit/color RGBA, non-interlaced\012- data Hashf546ddd9ea85f69f04b23bbcb9a6bbab 1e0f5dacbd43e2b6ceb0693ddc9ed5e4ff868928 96c507fd8ed7b25af04082722480424f2d88ad77144c65739ea5b259f7d97d71
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program1.png?r=415120264 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 3922
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-f52"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/program2.png?r=2047070281 | 51.195.6.66 | 200 OK | 2.7 kB |
URL HTTP/2test.igmg.site/images/program2.png?r=2047070281 IP51.195.6.66:0
File typePNG image data, 200 x 133, 8-bit colormap, non-interlaced\012- data Hash8a8445dbaf9c9daba257bd6142958234 7fbf1239846097347b75409cb833ec003e712965 e6ad65ffc98707290032a8b8a7711f732a47b130098f7df9e76d59171b06bb0f
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program2.png?r=2047070281 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 2699
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-a8b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 279 B |
IP93.184.220.29:0
Hashd4507c78df6167484b39da9024efab18 72fedc57c2563ea57180ad8747bda11135bdf2bc 008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2905
Cache-Control: max-age=165184
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:13 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 12:55:17 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
|
|
| test.igmg.site/images/program5.png?r=1981760073 | 51.195.6.66 | 200 OK | 34 kB |
URL HTTP/2test.igmg.site/images/program5.png?r=1981760073 IP51.195.6.66:0
File typePNG image data, 150 x 150, 8-bit/color RGB, non-interlaced\012- data Hash10df1fbe515007849e1dce800a69b332 3476224effecaa7c050cdebba17da09699e356c5 f914c7f0a5075be27429eae01730847ab78864d092d6e3cfdedcc9f08d95ea74
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program5.png?r=1981760073 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 34008
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-84d8"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/igmg_os_logo.png | 51.195.6.66 | 200 OK | 4.9 kB |
URL HTTP/2test.igmg.site/images/igmg_os_logo.png IP51.195.6.66:0
File typePNG image data, 400 x 54, 8-bit/color RGBA, non-interlaced\012- data Hashbb5bd0155bb30ba44c129be28c0e3428 885a119b71895fa9699bb1afff6f5d503364744a 3347cf02ef082e471361b37cdc867dea84e44c7ce138502c13e8284855d2d4a1
GET /images/igmg_os_logo.png HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 4912
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-1330"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/images/program4.png?r=619479849 | 51.195.6.66 | 200 OK | 2.4 kB |
URL HTTP/2test.igmg.site/images/program4.png?r=619479849 IP51.195.6.66:0
File typePNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data Hash7385f9e6996f26e048e0656af1a63b55 da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /images/program4.png?r=619479849 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: image/png
content-length: 2363
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-93b"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/js.cookie.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/js.cookie.min.js IP51.195.6.66:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/js.cookie.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "0-5e300857cde8e"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.sparkline.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.sparkline.min.js IP51.195.6.66:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.sparkline.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "0-5e300857cceee"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.flot.min.js | 51.195.6.66 | 200 OK | 14 kB |
URL HTTP/2test.igmg.site/assets/js/jquery.flot.min.js IP51.195.6.66:0
File typeASCII text, with very long lines (32033) Hash473f5fa455a6b1cc2030b6a1bf656406 b646a3cb1da114fab84f80ff6d9fd017f965dfb5 0b26cfa47940b2218483f9b42c2a2bd12bd5253e81b84768dc2570552891415b
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.flot.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-cee6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.js | 51.195.6.66 | 200 OK | 6.3 kB |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.js IP51.195.6.66:0
Hash11a16602f3d9b9a1129d11be63b7530c b5d84ef722f6d92d58eac99510a8bb34f7d5d691 48f8257fd247c0ac2236dfcc1b221bc0c25d9e5d49f31046b82ed7e4da5a13b4
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-6ba2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/xlsx@0.18.5/dist/shim.min.js | 104.16.124.175 | 200 OK | 2.4 kB |
URL HTTP/2unpkg.com/xlsx@0.18.5/dist/shim.min.js IP104.16.124.175:0
File typeHTML document, ASCII text, with very long lines (5589) Hashc25101d54fe0ccdbf990be080718cd2a b071b613b19d411de38c4e0ad1153e15ddb260ad 2f2dc5660e701fb212c17ea891ba0e210a3e6bd341c6d3ac29b0a3f38e64f7de
GET /xlsx@0.18.5/dist/shim.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://test.igmg.site/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:02:14 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1613-Z7IllA0NQSPoxrSE6c9Sl7PgwjA"
via: 1.1 fly.io
fly-request-id: 01FYY5CX0AG90XNXEV43KMCVSJ-fra
cf-cache-status: HIT
age: 22379483
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7766618238c01c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/quick-sidebar.min.js | 51.195.6.66 | 200 OK | 1.3 kB |
URL HTTP/2test.igmg.site/assets/js/quick-sidebar.min.js IP51.195.6.66:0
File typeHTML document, ASCII text, with very long lines (2787), with no line terminators Hashb72d0f9bab490c93638756bbde39014e d1ce37cd22e29e1fc7af72e7e235172560b184b2 be7dbaa46d94f9ebe263672ef63f2c2593552251001a2d84dd2b8c71dc7af3ec
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/quick-sidebar.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-ae3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 44.228.207.167 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP44.228.207.167:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xbP6zKO/ZpJHcgiIRPjPOQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XDRNzjiTxAFi8PkDbURYt+yQuDE=
|
|
| test.igmg.site/assets/js/jquery.flot.categories.min.js | 51.195.6.66 | 200 OK | 8.7 kB |
URL HTTP/2test.igmg.site/assets/js/jquery.flot.categories.min.js IP51.195.6.66:0
File typeASCII text, with very long lines (2457) Hash42a58e87dde3af4e0000b09a9a7ea773 43e44437c5c0be3d14dab93cfa37a2cb6692f4a7 d6174ca03ae2b3b3263c032bbfb7db5e2b5e1fc2361325167aa85093987a3b22
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.flot.categories.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-a26"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/bootstrap.min.js | 51.195.6.66 | 200 OK | 16 kB |
URL HTTP/2test.igmg.site/assets/js/bootstrap.min.js IP51.195.6.66:0
File typeASCII text, with very long lines (59729), with CRLF line terminators Hash86fce06414728f436691578088fcdae6 494bacb407b74e2f5cfc84a949d93ec9ae06ed03 4c6c1fa2a77ff3987b2e1680ff26191ca29436ce1c17791f866aaca1e5847c2e
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-ea47"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0e9eef4ed41ef94e9ea175ad243e294e b6f83e508270413dabe55e2884b5409ca7978e24 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670511434307%22 | 35.241.9.150 | 200 OK | 22 kB |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221670511434307%22 IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (21675), with no line terminators Hash8a0019a54fa38602fa6349bd31e214ed 2b7a5a4b3bd98d2906390a646df5b8535f4e8596 cfbe0655dcc09b897e2178393b426a23eb9d4391d4ff9e3b443daec02e7170c4
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221670511434307%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 21675
via: 1.1 google
date: Thu, 08 Dec 2022 15:02:10 GMT
last-modified: Thu, 08 Dec 2022 14:57:14 GMT
content-type: application/json
age: 4
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/select2.full.min.js | 51.195.6.66 | 200 OK | 64 kB |
URL HTTP/2test.igmg.site/assets/js/select2.full.min.js IP51.195.6.66:0
File typeUnicode text, UTF-8 text, with very long lines (32091) Hash5c914574d17442c068d37e4f6b779ad6 137ef0d2ef612feed359c081314f0675406835b8 d7b41ac36d2dc34ea8f5e8d22a97ad6ad9471e5cfb6deefee4062c96ad8241e2
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/select2.full.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-124fd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/daterangepicker.min.js | 51.195.6.66 | 200 OK | 7.1 kB |
URL HTTP/2test.igmg.site/assets/js/daterangepicker.min.js IP51.195.6.66:0
File typeASCII text, with very long lines (31304) Hash970d0e51f3a3d9142d59239dce2435f9 6185e91398bb7fca30d8cd9723f86e4c3341d64e 4d18df9f4f25bc69aa25c72faa68cede299461eeb31d4b2a747373b2104ff624
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/daterangepicker.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-7b6a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0e9eef4ed41ef94e9ea175ad243e294e b6f83e508270413dabe55e2884b5409ca7978e24 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 | 142.250.74.163 | 200 OK | 31 kB |
URL HTTP/2fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 IP142.250.74.163:0
File typeWeb Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data Hash3fe71527811fbfedd2c07962e1bc49e7 f63e158a0480c5d711b5e268db0e75e57d87a8a5 24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://test.igmg.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:57:58 GMT
expires: Tue, 05 Dec 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 245056
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash0e9eef4ed41ef94e9ea175ad243e294e b6f83e508270413dabe55e2884b5409ca7978e24 0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| test.igmg.site/images/logo.png | 51.195.6.66 | 200 OK | 62 kB |
URL HTTP/2test.igmg.site/images/logo.png IP51.195.6.66:0
File typePNG image data, 190 x 190, 8-bit/color RGB, non-interlaced\012- data Hashbdba6772eb3477480740c8a34de0d166 c322e86c037868cb60235ed54b3efd7e355820db 747dc61d8573f1904b33b9f7157682643018a5710bb9c2580316ec37514ff1c6
GET /images/logo.png HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:14 GMT
content-type: image/png
content-length: 61610
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: "62c34c76-f0aa"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/bootstrap-switch.min.css?1149820171 | 51.195.6.66 | 200 OK | 1.7 kB |
URL HTTP/2test.igmg.site/assets/css/bootstrap-switch.min.css?1149820171 IP51.195.6.66:0
File typeASCII text, with very long lines (5487) Hashdfe5297e020dfce48ef68d6f85b66837 a06f0705a443e7f0041ca82b85c5c660a3e3d5f6 a208f8543cf264819cafec5c911557f939add54a65bef3df6410ff254e9732a8
GET /assets/css/bootstrap-switch.min.css?1149820171 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1939"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash4f48748dc87020a0f1368e6d3bb9a24c 4eeade3f02cc6b02390af43bd5e7d67da4a707e0 7cb746c8d9392ac22b2a06ce10ef0266bebf5a7a09febdafeea27a29fa0bd1a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 15:02:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash48c90992f0837a58e0a36118a27dae6a 3d238fed35e6d247bddbba92864e6b92e6aed9b6 cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18193
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:02:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash48c90992f0837a58e0a36118a27dae6a 3d238fed35e6d247bddbba92864e6b92e6aed9b6 cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18193
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:02:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash48c90992f0837a58e0a36118a27dae6a 3d238fed35e6d247bddbba92864e6b92e6aed9b6 cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18193
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:02:15 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash48c90992f0837a58e0a36118a27dae6a 3d238fed35e6d247bddbba92864e6b92e6aed9b6 cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18193
Expires: Thu, 08 Dec 2022 20:05:28 GMT
Date: Thu, 08 Dec 2022 15:02:15 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg | 34.120.237.76 | 200 OK | 6.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash210b27f5f6310d8fad640acce3d9ae0e 08d241e56622cb900754d95bc5d58ed8826d9f32 64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: etWGqF-8tXSwaeZVTPK4g9CV5ZbdYv5ZDjF5Yx2PSNnTsreewpbhdA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 08:48:08 GMT
age: 22447
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg | 34.120.237.76 | 200 OK | 7.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash24d89b69ba37bf23c5d576aff4063caf 3d46a21b4da571d7e4962e335c18a28ca5f81ecf 09b52cdab278805c6e7282f469a02768ee62fc9ef09a6623a337e3d3aaa446fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbbba0eea-a6f1-4374-a9c7-dab84270023b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: ae5c231c-b1be-498a-a242-e8d641f3fe8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFDgEzUoAMFgyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911baf-10f06dc37cac69631c823fd9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:03:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QSv756DvAzOQnKae5wVg75wrQS6oDGPkfIZka86FNQ2vizBnZ7sIDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:12:45 GMT
age: 56970
etag: "3d46a21b4da571d7e4962e335c18a28ca5f81ecf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb87d6543345f73653ed4a49b37d7c959 c4f26846b8b72293368ff16915d49297cf12bbb9 aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 55736
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg | 34.120.237.76 | 200 OK | 9.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc408efaa98ac2ce63bb1618368d10c15 a51bbb49ebd862d04eaee465d0a35b22dcd21391 077eb8c8739f527828c71c25a1c3aaae46afead3aac093ec11a6d5488ef2f0ec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74e98e03-fa9f-4e56-a8ba-5411568d88c8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9596
x-amzn-requestid: e5e6ceb2-5bad-4146-a9de-92a859716029
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_qH63oAMFfLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-678bed1b7729b8aa2645688d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FsbiyZG0110CEANduIIWuLcxFOxfrV0YPvOSy-ScXFIX1qM6qaOdCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 22:21:22 GMT
age: 60053
etag: "a51bbb49ebd862d04eaee465d0a35b22dcd21391"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg | 34.120.237.76 | 200 OK | 7.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash8c94003641bb5a7595e7004f80f95d22 3446450df60d732f9021d5bfd5f5f7c6c870d9ec 4d782dbf94b2163e9bc18028cd0c1a391fdcfcb019f23c4c26ea0b44432039ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4119e239-0c3b-4175-bfe0-f5d42729d743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7801
x-amzn-requestid: cb8d5aab-409f-4b39-b498-b1ba84f34e06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFRNHX4oAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c07-7c6e3bfa3f81082b48f43fa9;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8QHhEAFHTHd-5UqS1S5qwJj_h4WNfix2CgS4MO4zR_psrzgMP3SZ5g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:16:35 GMT
age: 56740
etag: "3446450df60d732f9021d5bfd5f5f7c6c870d9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash57be99ac898a37d73f2ba4a24f56248f 04e32eb45581201a6a1863200e4d139df48285e6 a20081b64fc019372843360b15aa3461ec9dd3deb50ab398bca0a5e74d5468c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9301ee5-df75-4967-a2c7-597f869e557b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12534
x-amzn-requestid: 2a01f2ba-cf3a-4f59-8339-214c66bcc0d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czDbyGTcoAMF_TQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911918-5d3eba8d01e4175a71acc6cd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 22:52:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NoZlZ8WFfOuIbkWaC2pJPJQrWtjzz2gCHJWr-u-nMNYmu8MkTf6_PA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:03:58 GMT
age: 57497
etag: "04e32eb45581201a6a1863200e4d139df48285e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/daterangepicker.min.css?512306562 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/daterangepicker.min.css?512306562 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/daterangepicker.min.css?512306562 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-15ea"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/plugins.min.css?1469428075 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/plugins.min.css?1469428075 IP51.195.6.66:0
GET /assets/css/plugins.min.css?1469428075 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-a4bb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/select2/select2.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/select2/select2.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/select2/select2.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1042e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/fullcalendar.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/fullcalendar.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/fullcalendar.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-180ab"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/morris.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/morris.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/morris.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-8b44"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/colorbox.css?163772341 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/colorbox.css?163772341 IP51.195.6.66:0
GET /assets/css/colorbox.css?163772341 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-114f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.world.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.world.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.world.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-ecb8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/additional-methods.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/additional-methods.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/additional-methods.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-433a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.slimscroll.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.slimscroll.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.slimscroll.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1437"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.europe.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.europe.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.europe.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-17d75"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/dashboard.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/dashboard.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/dashboard.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-530d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/login.min.css?1941470199 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/login.min.css?1941470199 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/login.min.css?1941470199 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-e55"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/blob.js@1.0.1/Blob.js | 104.16.124.175 | 200 OK | 0 B |
URL HTTP/2unpkg.com/blob.js@1.0.1/Blob.js IP104.16.124.175:0
GET /blob.js@1.0.1/Blob.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2016 10:24:13 GMT
etag: W/"1800-jszKs+14oLm7MdJGCNbZkvu8ALE"
via: 1.1 fly.io
fly-request-id: 01F52A04572E1EZHSX8W8CQKRK
cf-cache-status: HIT
age: 18621421
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7766617faea31c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/quick-nav.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/quick-nav.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/quick-nav.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"19f-5e300857ce65e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/login.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/login.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/login.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-d1c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.7.2/css/all.css | 172.64.133.15 | 200 OK | 0 B |
URL HTTP/2use.fontawesome.com/releases/v5.7.2/css/all.css IP172.64.133.15:0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://test.igmg.site
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:02:14 GMT
content-type: text/css
x-amz-id-2: EWg7awekUlP15LLqgjBrkyDrAb+QUXr+fnBHYmm7qkHCCpYxLh+JwvilWwCRXgjTTf5LKzSXq7g=
x-amz-request-id: XCPPJPRXF51JVDPJ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUdOR0F5Vb1M0ZnMglZp6Tqx1FJ3iXx9a%2BMfTz2uQw633mnkOBtghDPXib%2FjC5%2FKzg75ZO4egKJy%2F6%2FSkeyyDjidwZE25EeuNaIh%2FYyt9txyS0gy8rocHUDirynMJB8TAVDdSYUY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776661800c6723e8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| test.igmg.site/ | 51.195.6.66 | 200 OK | 0 B |
IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET / HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh; expires=Sat, 18-Mar-2023 15:02:13 GMT; Max-Age=8640000; path=/
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/export.css?1593520403 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/export.css?1593520403 IP51.195.6.66:0
GET /assets/amcharts/export.css?1593520403 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-8397"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.dataTables.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.dataTables.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.dataTables.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-13ff2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/light.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/light.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/light.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-b62"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.germany.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.germany.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.germany.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-d893"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/select2/select2.min.css?1654276941 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/select2/select2.min.css?1654276941 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/select2/select2.min.css?1654276941 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-7c8b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/bayrakfont.css?1917364438 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/bayrakfont.css?1917364438 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/bayrakfont.css?1917364438 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3361"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/amcharts.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/amcharts.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/amcharts.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3314a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/export.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/export.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/export.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-f3b9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.waypoints.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.waypoints.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.waypoints.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1f6c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.number.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.number.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.number.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-185f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/layout.min.css?1259591490 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/layout.min.css?1259591490 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/layout.min.css?1259591490 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-ec89"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/fullcalendar/lib/main.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/fullcalendar/lib/main.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/fullcalendar/lib/main.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3c681"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/dataloader.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/dataloader.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/dataloader.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1a8b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/dropzone/dropzone.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/dropzone/dropzone.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/dropzone/dropzone.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-22feb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/colorbox/jquery.colorbox-min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/colorbox/jquery.colorbox-min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/colorbox/jquery.colorbox-min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-2eb8"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/file-saver@1.3.3/FileSaver.js | 104.16.124.175 | 200 OK | 0 B |
URL HTTP/2unpkg.com/file-saver@1.3.3/FileSaver.js IP104.16.124.175:0
GET /file-saver@1.3.3/FileSaver.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2016 10:43:25 GMT
etag: W/"174d-ppV+tNTWNc2klmEzFicm/vyFuQM"
via: 1.1 fly.io
fly-request-id: 01GHZQ5V4V5ACDNY7SPCPWY9M9-fra
cf-cache-status: HIT
age: 1926184
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7766617fbeaf1c0e-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.sampledata.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.sampledata.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.sampledata.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-952"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/simple-line-icons.min.css?601578124 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/simple-line-icons.min.css?601578124 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/simple-line-icons.min.css?601578124 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-256b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/default.min.css?752154346 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/default.min.css?752154346 IP51.195.6.66:0
GET /assets/css/default.min.css?752154346 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-5a7f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.blockui.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.blockui.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.blockui.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-2554"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/ekurs.css?1566256697 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/ekurs.css?1566256697 IP51.195.6.66:0
GET /assets/css/ekurs.css?1566256697 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-62b5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/serial.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/serial.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/serial.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-c01f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/select2/tr.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/select2/tr.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/select2/tr.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"305-5e300857cee2e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.counterup.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.counterup.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.counterup.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-42d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/bootstrap.min.css?1061899514 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/bootstrap.min.css?1061899514 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/bootstrap.min.css?1061899514 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-1cc99"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/igmgfont.css?1225488639 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/igmgfont.css?1225488639 IP51.195.6.66:0
GET /assets/css/igmgfont.css?1225488639 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-6c5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-17b8a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/?act=js_translates | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/?act=js_translates IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /?act=js_translates HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/bootstrap-switch.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/bootstrap-switch.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/bootstrap-switch.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3a37"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/raphael-min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/raphael-min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/raphael-min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-16555"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/fullcalendar/lib/main.min.css?798979465 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/fullcalendar/lib/main.min.css?798979465 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/fullcalendar/lib/main.min.css?798979465 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-616b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.russia.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.russia.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.russia.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-267d3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/layout.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/layout.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/layout.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-11c0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/moment-with-locales.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/moment-with-locales.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/moment-with-locales.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-9721a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all IP142.250.74.106:0
GET /css?family=Open+Sans:400,300,600,700&subset=all HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 15:02:13 GMT
date: Thu, 08 Dec 2022 15:02:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/tinymce/tinymce.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/tinymce/tinymce.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/tinymce/tinymce.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-72a93"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/jquery-ui.css?941928900 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/jquery-ui.css?941928900 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/jquery-ui.css?941928900 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-91ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/amcharts/pie.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/amcharts/pie.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/amcharts/pie.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-394d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.easypiechart.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.easypiechart.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.easypiechart.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-f4e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.flot.resize.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.flot.resize.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.flot.resize.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-928"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.vmap.usa.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.vmap.usa.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.vmap.usa.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-ba04"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| unpkg.com/xlsx/dist/shim.min.js | 104.16.124.175 | 302 Found | 0 B |
URL HTTP/2unpkg.com/xlsx/dist/shim.min.js IP104.16.124.175:0
GET /xlsx/dist/shim.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/shim.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKS3NBW37T6NN9NB95QMK3SX-ams
cf-cache-status: HIT
age: 490
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7766617fbead1c0e-OSL
X-Firefox-Spdy: h2
|
|
| unpkg.com/xlsx/dist/xlsx.full.min.js | 104.16.124.175 | 302 Found | 0 B |
URL HTTP/2unpkg.com/xlsx/dist/xlsx.full.min.js IP104.16.124.175:0
GET /xlsx/dist/xlsx.full.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/xlsx.full.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKS3ZEP795CTTX7BHHXK13QZ-ams
cf-cache-status: HIT
age: 159
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7766617feec71c0e-OSL
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/pwstrength.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/pwstrength.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/pwstrength.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-9785"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/app.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/app.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/app.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3c77"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/bootbox.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/bootbox.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/bootbox.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-4543"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery.validate.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery.validate.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery.validate.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-5262"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/morris.css?1304120157 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/morris.css?1304120157 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/morris.css?1304120157 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"1b0-5e300857c80ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/jqvmap.css?579845941 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/jqvmap.css?579845941 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/css/jqvmap.css?579845941 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"38b-5e300857c80ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/components.min.css?1632884163 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/components.min.css?1632884163 IP51.195.6.66:0
GET /assets/css/components.min.css?1632884163 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-a0436"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/popper.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/popper.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/popper.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-52ce"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/demo.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/demo.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/demo.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-10a6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/css/dataTables.min.css?2067440479 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/css/dataTables.min.css?2067440479 IP51.195.6.66:0
GET /assets/css/dataTables.min.css?2067440479 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: text/css
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-342b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/jquery-ui.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/jquery-ui.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/jquery-ui.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-3dee5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/fullcalendar/lib/locales-all.min.js | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/fullcalendar/lib/locales-all.min.js IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/fullcalendar/lib/locales-all.min.js HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2022 20:24:22 GMT
etag: W/"62c34c76-47e2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|
| test.igmg.site/assets/js/ekurs.js?1896337893 | 51.195.6.66 | 200 OK | 0 B |
URL HTTP/2test.igmg.site/assets/js/ekurs.js?1896337893 IP51.195.6.66:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /assets/js/ekurs.js?1896337893 HTTP/1.1
Host: test.igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://test.igmg.site/
Cookie: PHPSESSID=sfk65jhvvttpm42t49o7rbgvuh
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 15:02:13 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:24:27 GMT
etag: W/"6385513b-63d9"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
|
|