igmg.site/
51.195.6.66301 Moved Permanently 162 B IP 51.195.6.66:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Oct 2022 06:01:50 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://igmg.site/
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 05:29:28 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PK3grIemBhTg4dkqUnZynR6yk3vFe9sWCfMk20lRbNwuwg3f8XftYQ==
Age: 1943
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10025
Expires: Tue, 04 Oct 2022 08:48:56 GMT
Date: Tue, 04 Oct 2022 06:01:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Ma4Ssf63q1r-WtZupHVAFkhhObQtBTicGeKTMxdcTriUOwors95FsA==
age: 2004
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 26e3b3b3a4c0af4ce6f4ab50343d5464
883cf1633067408bae2bbbe9dc2b49729516719f
5d76719e4e96595e4c13041ffb60d97de24cce82d990099300123fa774dc481a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D76719E4E96595E4C13041FFB60D97DE24CCE82D990099300123FA774DC481A"
Last-Modified: Mon, 03 Oct 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16682
Expires: Tue, 04 Oct 2022 10:39:53 GMT
Date: Tue, 04 Oct 2022 06:01:51 GMT
Connection: keep-alive
igmg.site/system
51.195.6.66301 Moved Permanently 233 B IP 51.195.6.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 84565f4bd848790acc0d97cbfad343dc
d5d36eac47d960d695b06ab6bbdda0350729c3f6
faa4c981c4c96a0ec17ad1a519c05efdafae7e67fe7205681d3fb53565d91a9c
Analyzer Verdict Alert fortinet Malware
GET /system HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/html; charset=iso-8859-1
content-length: 233
location: https://igmg.site/system/
x-cache-status: MISS
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css
104.17.24.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css
IP 104.17.24.14:0
Hash 593403dc4ce9adcdf7d8b44f18513be3
ab9859e2e1e1440884c15e707e9c2eb655c60711
8dfffecd68c0f0dec371039f73aeb8d4d8551e350b42cca7da50e2d7df142263
GET /ajax/libs/dropzone/5.4.0/dropzone.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css; charset=utf-8
content-length: 1464
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e3e-312b"
last-modified: Mon, 04 May 2020 16:09:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 199292
expires: Sun, 24 Sep 2023 06:01:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pTiM%2FvoO44eCNmUls5JIptso3BES7J%2ByXHaID4g3x%2BeYxlvNf5F1BNn6MSI1a4Vi7DxlU8co4g47Vz6XftcHGCNUn5Fdam14wPIgSLTuL20jMi5Rvyi40rnf1%2B0u3FeYGiwgYzBy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 754bb4930c8ab505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
igmg.site/system/assets/css/login.min.css?1675120513
51.195.6.66200 OK 1.4 kB URL HTTP/2 igmg.site/system/assets/css/login.min.css?1675120513
IP 51.195.6.66:0
File type ASCII text, with very long lines (3443), with CRLF line terminators
Hash ffbac360212e2d142fd71021ef336804
530a7892806a59804672936c01cb198208d5ed3c
9c867b720d9e4842559869aba8fdf2730988b6dafac5ea021f2ae850a1a8bf6b
GET /system/assets/css/login.min.css?1675120513 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-e55"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/images/igmg_os_logo.png
51.195.6.66200 OK 4.9 kB URL HTTP/2 igmg.site/system/images/igmg_os_logo.png
IP 51.195.6.66:0
File type PNG image data, 400 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash bb5bd0155bb30ba44c129be28c0e3428
885a119b71895fa9699bb1afff6f5d503364744a
3347cf02ef082e471361b37cdc867dea84e44c7ce138502c13e8284855d2d4a1
GET /system/images/igmg_os_logo.png HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 4912
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-1330"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program5.png?r=1231696422
51.195.6.66200 OK 34 kB URL HTTP/2 igmg.site/system/images/program5.png?r=1231696422
IP 51.195.6.66:0
File type PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash 10df1fbe515007849e1dce800a69b332
3476224effecaa7c050cdebba17da09699e356c5
f914c7f0a5075be27429eae01730847ab78864d092d6e3cfdedcc9f08d95ea74
Analyzer Verdict Alert fortinet Malware
GET /system/images/program5.png?r=1231696422 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 34008
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-84d8"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program7.png?r=1986408781
51.195.6.66200 OK 17 kB URL HTTP/2 igmg.site/system/images/program7.png?r=1986408781
IP 51.195.6.66:0
File type PNG image data, 143 x 132, 8-bit/color RGB, non-interlaced\012- data
Hash eeb2d5fe356d71a3128c903cb041b306
a9b1c3099a347e38a886a075a6a75737631c9667
314f0cf28a9f6341b3c47f96c0ecf06a7c929b495b502907a987afed8fa7feed
Analyzer Verdict Alert fortinet Malware
GET /system/images/program7.png?r=1986408781 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 16669
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-411d"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/iros_amblem.png?r=1303654458
51.195.6.66200 OK 4.3 kB URL HTTP/2 igmg.site/system/images/iros_amblem.png?r=1303654458
IP 51.195.6.66:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash e06152b0921f030754d80520b1a27237
8ab440c4bbce55cf374773017051a4defec1739b
1aa1d9de13ca429b7affd44fffe6709e3885a1cf962a9878e7abcfb40da026b1
Analyzer Verdict Alert fortinet Malware
GET /system/images/iros_amblem.png?r=1303654458 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 4281
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-10b9"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program4.png?r=2081738861
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program4.png?r=2081738861
IP 51.195.6.66:0
File type PNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 7385f9e6996f26e048e0656af1a63b55
da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec
c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
Analyzer Verdict Alert fortinet Malware
GET /system/images/program4.png?r=2081738861 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-93b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program3.png?r=973567175
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program3.png?r=973567175
IP 51.195.6.66:0
File type PNG image data, 92 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 00ac55dafb6bed7c22fa6f79e268bffa
e3a16f6fa4b23db5ac1567a7f7a25ee8b30176cd
2fd5cbee7816a3a0ac5863064f0e7836fc5f2e9e53174984139aaa02a108f31c
Analyzer Verdict Alert fortinet Malware
GET /system/images/program3.png?r=973567175 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 2358
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-936"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/js/js.cookie.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/js.cookie.min.js
IP 51.195.6.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/js.cookie.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "0-5df4b45069287"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program4.png?r=1577293309
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program4.png?r=1577293309
IP 51.195.6.66:0
File type PNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 7385f9e6996f26e048e0656af1a63b55
da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec
c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
Analyzer Verdict Alert fortinet Malware
GET /system/images/program4.png?r=1577293309 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-93b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program1.png?r=1518253653
51.195.6.66200 OK 3.9 kB URL HTTP/2 igmg.site/system/images/program1.png?r=1518253653
IP 51.195.6.66:0
File type PNG image data, 85 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash f546ddd9ea85f69f04b23bbcb9a6bbab
1e0f5dacbd43e2b6ceb0693ddc9ed5e4ff868928
96c507fd8ed7b25af04082722480424f2d88ad77144c65739ea5b259f7d97d71
Analyzer Verdict Alert fortinet Malware
GET /system/images/program1.png?r=1518253653 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: image/png
content-length: 3922
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-f52"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.sparkline.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.sparkline.min.js
IP 51.195.6.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.sparkline.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "0-5df4b450682e7"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/css/plugins.min.css?1909338154
51.195.6.66200 OK 8.7 kB URL HTTP/2 igmg.site/system/assets/css/plugins.min.css?1909338154
IP 51.195.6.66:0
File type Unicode text, UTF-8 text, with very long lines (33012)
Hash 2a64e09d3daf30bee7b1ac8e50fbb88a
cbe79097221db3700a022b7f8c477d46665109e2
d261ba5936b37b5528596e8bde5199366a80ae60a4ca2eb8c655e8b40a08fe56
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/plugins.min.css?1909338154 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a4bb"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/select2.min.css?303085682
51.195.6.66200 OK 3.9 kB URL HTTP/2 igmg.site/system/assets/select2/select2.min.css?303085682
IP 51.195.6.66:0
File type ASCII text, with very long lines (16463)
Hash 53cbe4e45c874f87433f3d252b583da1
f3233599e6e2a5cdee34173f1e767550a1aa4dbe
ba8841c09230fa9036489444932552f611e63a8496b4b844170a63f21975a689
GET /system/assets/select2/select2.min.css?303085682 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-7c8b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/export.css?1358042945
51.195.6.66200 OK 4.8 kB URL HTTP/2 igmg.site/system/assets/amcharts/export.css?1358042945
IP 51.195.6.66:0
File type ASCII text, with very long lines (33687), with no line terminators
Hash 359fe9d1d63e767ffa803f1482db804b
a501ec98fc688b779269141b80cd845df5c58cee
f6e9e5e13d2ddab891ab63f0c66dd15b9c2103259ee1d2acb35c7c706a8eec98
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/export.css?1358042945 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-8397"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.148.242.254101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.242.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2tE/qeyslBmbDw+5ELaQ2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kd9aYAIYhGuyNk33VnJfDm6ud44=
igmg.site/system/images/bg.png
51.195.6.66200 OK 7.8 kB URL HTTP/2 igmg.site/system/images/bg.png
IP 51.195.6.66:0
File type PNG image data, 115 x 115, 8-bit/color RGB, non-interlaced\012- data
Hash 171463dd895108e41d0a159e2af10e59
463c4f50e5387527365643bbe016fd3790e28c6f
5439f6fe48c0495aefdf68b1438cb35f2f2db9f93153044f440d69e7129a586f
GET /system/images/bg.png HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:52 GMT
content-type: image/png
content-length: 7771
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-1e5b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igmg.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 03:08:55 GMT
expires: Sun, 01 Oct 2023 03:08:55 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 269577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
216.58.207.195200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 31320, version 1.0\012- data
Hash 3fe71527811fbfedd2c07962e1bc49e7
f63e158a0480c5d711b5e268db0e75e57d87a8a5
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://igmg.site
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:57:58 GMT
expires: Tue, 03 Oct 2023 18:57:58 GMT
cache-control: public, max-age=31536000
age: 39834
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0ac04f7c449093fff4f846a7ae56cd4f
50aeb5664545a0dec4173920a274e906bcbcdf6f
18eff2566317aba7b70ee558e8cba42231eb4eae31e903501dc122c751d6993b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 06:01:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igmg.site/system/images/logo.png
51.195.6.66200 OK 62 kB URL HTTP/2 igmg.site/system/images/logo.png
IP 51.195.6.66:0
File type PNG image data, 190 x 190, 8-bit/color RGB, non-interlaced\012- data
Hash bdba6772eb3477480740c8a34de0d166
c322e86c037868cb60235ed54b3efd7e355820db
747dc61d8573f1904b33b9f7157682643018a5710bb9c2580316ec37514ff1c6
GET /system/images/logo.png HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:52 GMT
content-type: image/png
content-length: 61610
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-f0aa"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyCRQS0vrHQ-0PdWwo4RQRcWkcYh_zFcJFA&libraries=places&callback=geoLocationInit
142.250.74.138200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyCRQS0vrHQ-0PdWwo4RQRcWkcYh_zFcJFA&libraries=places&callback=geoLocationInit
IP 142.250.74.138:0
File type ASCII text, with very long lines (2477)
Hash 602f43fcb77c3fda856579c5e2c620e1
68e1a8a9025ae735cf71ed0d751fb109ccc2612c
e7045e40e7f450d99b5a6f1d65787f07abf327ab1c42529cc4890a611edecdb5
GET /maps/api/js?key=AIzaSyCRQS0vrHQ-0PdWwo4RQRcWkcYh_zFcJFA&libraries=places&callback=geoLocationInit HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 04 Oct 2022 06:01:52 GMT
expires: Tue, 04 Oct 2022 06:31:52 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56257
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9101
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:01:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9101
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:01:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9101
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:01:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ff433c9569a3557d806b1480aeafece9
20bbd46383b85326837f45290ff87df708b3b310
e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9101
Expires: Tue, 04 Oct 2022 08:33:34 GMT
Date: Tue, 04 Oct 2022 06:01:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0927f94dd9e0cc7272f77972048658c
4d208807e10e73309811101ef2d26ff33b642585
3f184d9ba1588d451dfe5e4dfd84456ce533cbccaf1390ad423e1c6d38c8a35b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd3966c4-a932-4eb5-a3bf-ca25cde92ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5317
x-amzn-requestid: 84ffe752-ae82-4fb6-9b29-9b69a3a3dcdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuGEjIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-3717ba3f22da06bc791b20b6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RPvILihWx8WSUuIbF2SJ7LFFvmFTqz4jZmMGGhWRbLBosa1mp0o0vg==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:57 GMT
age: 29216
etag: "4d208807e10e73309811101ef2d26ff33b642585"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90fead0b9104991552ce689230661d48
dc7bc4a378c0ddcd81e51046d21ed02b8be11a92
94a1a4199f7cb7bc0b48b00aec745e89f2c65dadd905b27879d39347deb44496
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0001afba-471a-49f7-bb38-3d4741a9581b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9708
x-amzn-requestid: 7cfcaf0d-1663-47d7-b08e-be3d0c39e035
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqFjHB5IAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b56f0-04c5da1940a620507649b822;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5EjIZq5-ifuD25S3kj8Bl3SbZH10tm6DII-oRZVci4ic7Za7btGFw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:45:44 GMT
age: 26169
etag: "dc7bc4a378c0ddcd81e51046d21ed02b8be11a92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50556325e5a38a5dd7802b1391815bcb
cf021352d993967e78552b275424ff139e4ef66c
96fd2e848a45d071e334a8d08c8b89215f80f01f947af6da2efaee72dd16914c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4fcdf5f2-fb82-429f-a6f0-8f79d8aa9106.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9455
x-amzn-requestid: c7e1aa21-0afd-4329-a886-ca52e1a30c7e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqJXHLUIAMFU1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5708-1905710834041431314b11be;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: D-2NszpZ31D2YAbZRcPdqN3zZ2ScANt6bokfSbANgnsXBoTF2d__AQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:08:09 GMT
age: 28424
etag: "cf021352d993967e78552b275424ff139e4ef66c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:53 GMT
age: 4740
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
age: 28254
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f0977129995c466e4710e0ae4304d3e
291232594a2f3170afed3b4814e3a11233d0f05e
80927a148dff4908b799b9f6d167769e68346491092520f5e3638b0f8b5d55a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92e2742a-a49a-4d87-a767-7dbb56cff473.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6107
x-amzn-requestid: 6516bfcd-d6a5-4f46-81fa-ef6033e21aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcqO7GXOoAMF8hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b572c-27fb158e152659380e27c292;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:42:04 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9kLVyQMWmdeqQA58wyOQKBE9yEUxl5DxnG7J8Ozm-xuHD0PW_8SR2g==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:54:16 GMT
age: 29257
etag: "291232594a2f3170afed3b4814e3a11233d0f05e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
igmg.site/system/assets/css/igmgfont.css?1453923766
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/igmgfont.css?1453923766
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/igmgfont.css?1453923766 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-6c5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx/dist/xlsx.full.min.js
104.16.122.175302 Found 0 B URL HTTP/2 unpkg.com/xlsx/dist/xlsx.full.min.js
IP 104.16.122.175:0
GET /xlsx/dist/xlsx.full.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/xlsx.full.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GEGRWYXFKAPZ5ZWTG0R8CBTH-fra
cf-cache-status: HIT
age: 498
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754bb4934f7f1bfe-OSL
X-Firefox-Spdy: h2
igmg.site/system/assets/js/popper.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/popper.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/popper.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-52ce"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.validate.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.validate.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.validate.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-5262"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/select2.full.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/select2.full.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/select2.full.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-124fd"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/app.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/app.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/app.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3c77"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/morris.css?1132819276
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/morris.css?1132819276
IP 51.195.6.66:0
GET /system/assets/css/morris.css?1132819276 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"1b0-5df4b450634c7"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/ekurs.css?91179906
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/ekurs.css?91179906
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/ekurs.css?91179906 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-62b5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.slimscroll.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.slimscroll.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.slimscroll.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1437"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-cee6"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/quick-sidebar.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/quick-sidebar.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/quick-sidebar.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ae3"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/layout.min.css?296248393
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/layout.min.css?296248393
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/layout.min.css?296248393 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ec89"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/moment-with-locales.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/moment-with-locales.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/moment-with-locales.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-9721a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/login.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/login.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/login.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-d1c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/quick-nav.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/quick-nav.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/quick-nav.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"19f-5df4b45069a57"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/tinymce/tinymce.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/tinymce/tinymce.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/tinymce/tinymce.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-72a93"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/main.min.css?1422599790
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/main.min.css?1422599790
IP 51.195.6.66:0
GET /system/assets/fullcalendar/lib/main.min.css?1422599790 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-616b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/dataTables.min.css?1173313881
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/dataTables.min.css?1173313881
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/dataTables.min.css?1173313881 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-342b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/tr.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/select2/tr.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/select2/tr.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"305-5df4b4506a227"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/pwstrength.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/pwstrength.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/pwstrength.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-9785"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.usa.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.usa.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.usa.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ba04"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/demo.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/demo.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/demo.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-10a6"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/amcharts.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/amcharts.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/amcharts.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3314a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/export.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/export.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/export.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-f3b9"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/raphael-min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/raphael-min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/raphael-min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-16555"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.counterup.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.counterup.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.counterup.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-42d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/dashboard.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/dashboard.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/dashboard.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-530d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.132.15:0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igmg.site
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
x-amz-id-2: jvkXcTuGFcGnAuJ3yjkUWhk6+KGYLcsU2rWstEkhSzqBneYP7YdI7xPkMUXcUTftn5xbq1rXZT8=
x-amz-request-id: STZZBYQ3JFY83377
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1632
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfOoEIDuqmRj3PyxxVJrfu0iLh0TqRmhsQtmLYSM78L9Jz3GeOolyIbhWiOcFvobqUkAKhJPcakfdsOry9W%2Bfr5qO1QugmnElXcpkhKctgiVEvL0UeheR5%2FpeU4TDk1s6gO2KaWB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 754bb49348267741-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.dataTables.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.dataTables.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.dataTables.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-13ff2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.blockui.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.blockui.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.blockui.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-2554"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.resize.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.resize.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.resize.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-928"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.sampledata.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.sampledata.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.sampledata.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-952"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.categories.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.categories.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.categories.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a26"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/
51.195.6.66200 OK 0 B IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/html
x-accel-version: 0.01
last-modified: Wed, 29 Jun 2022 10:49:44 GMT
etag: W/"28-5e293e94074cd"
x-cache-status: STALE
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery-ui.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery-ui.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery-ui.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3dee5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/components.min.css?1334276586
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/components.min.css?1334276586
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/components.min.css?1334276586 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a0436"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/blob.js@1.0.1/Blob.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/blob.js@1.0.1/Blob.js
IP 104.16.122.175:0
GET /blob.js@1.0.1/Blob.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2016 10:24:13 GMT
etag: W/"1800-jszKs+14oLm7MdJGCNbZkvu8ALE"
via: 1.1 fly.io
fly-request-id: 01F52A04572E1EZHSX8W8CQKRK
cf-cache-status: HIT
age: 12972999
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754bb4934f811bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/select2.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/select2/select2.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/select2/select2.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1042e"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,300,600,700&subset=all HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 06:01:51 GMT
date: Tue, 04 Oct 2022 06:01:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bootstrap-switch.min.css?142689107
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bootstrap-switch.min.css?142689107
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bootstrap-switch.min.css?142689107 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1939"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/file-saver@1.3.3/FileSaver.js
104.16.122.175200 OK 0 B URL HTTP/2 unpkg.com/file-saver@1.3.3/FileSaver.js
IP 104.16.122.175:0
GET /file-saver@1.3.3/FileSaver.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2016 10:43:25 GMT
etag: W/"174d-ppV+tNTWNc2klmEzFicm/vyFuQM"
via: 1.1 fly.io
fly-request-id: 01G7VRE3FTP33CX4G5YTR379R3-ams
cf-cache-status: HIT
age: 7148079
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754bb4934f7b1bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/ekurs.js?110267250
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/ekurs.js?110267250
IP 51.195.6.66:0
GET /system/assets/js/ekurs.js?110267250 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-62d6"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/jqvmap.css?696445482
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/jqvmap.css?696445482
IP 51.195.6.66:0
GET /system/assets/css/jqvmap.css?696445482 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"38b-5df4b450634c7"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bayrakfont.css?1207908335
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bayrakfont.css?1207908335
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bayrakfont.css?1207908335 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3361"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx/dist/shim.min.js
104.16.122.175302 Found 0 B URL HTTP/2 unpkg.com/xlsx/dist/shim.min.js
IP 104.16.122.175:0
GET /xlsx/dist/shim.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/shim.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GEGS0DETP5ND1TFVGNNH1X4A-fra
cf-cache-status: HIT
age: 385
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754bb4934f821bfe-OSL
X-Firefox-Spdy: h2
igmg.site/system/assets/dropzone/dropzone.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/dropzone/dropzone.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/dropzone/dropzone.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-22feb"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.world.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.world.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.world.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ecb8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootbox.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/bootbox.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootbox.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-4543"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/simple-line-icons.min.css?391710685
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/simple-line-icons.min.css?391710685
IP 51.195.6.66:0
GET /system/assets/css/simple-line-icons.min.css?391710685 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-256b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/pie.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/pie.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/pie.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-394d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.europe.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.europe.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.europe.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-17d75"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-17b8a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.number.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.number.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.number.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-185f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/
51.195.6.66200 OK 0 B IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/ HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igmg.site/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki; expires=Thu, 12-Jan-2023 06:01:51 GMT; Max-Age=8640000; path=/
x-cache-status: MISS
x-powered-by: PHP/7.4.32, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/locales-all.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/locales-all.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/fullcalendar/lib/locales-all.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-47e2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootstrap.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/bootstrap.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootstrap.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ea47"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/layout.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/layout.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/layout.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-11c0"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.germany.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.germany.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.germany.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-d893"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/default.min.css?170098347
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/default.min.css?170098347
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/default.min.css?170098347 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-5a7f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/serial.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/serial.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/serial.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-c01f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/light.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/light.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/light.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-b62"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.russia.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.russia.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.russia.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-267d3"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/daterangepicker.min.css?193431503
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/daterangepicker.min.css?193431503
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/daterangepicker.min.css?193431503 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-15ea"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootstrap-switch.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/bootstrap-switch.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootstrap-switch.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3a37"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.easypiechart.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.easypiechart.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.easypiechart.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-f4e"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bootstrap.min.css?1997049032
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bootstrap.min.css?1997049032
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bootstrap.min.css?1997049032 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1cc99"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/dataloader.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/dataloader.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/dataloader.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1a8b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.waypoints.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.waypoints.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.waypoints.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1f6c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-6ba2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/colorbox.css?1409053591
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/colorbox.css?1409053591
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/colorbox.css?1409053591 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-114f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/?act=js_translates
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/?act=js_translates
IP 51.195.6.66:0
GET /system/?act=js_translates HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cache-status: BYPASS
x-powered-by: PHP/7.4.32, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/main.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/main.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/fullcalendar/lib/main.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3c681"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/colorbox/jquery.colorbox-min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/colorbox/jquery.colorbox-min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/colorbox/jquery.colorbox-min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-2eb8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/daterangepicker.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/daterangepicker.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/daterangepicker.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-7b6a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/fullcalendar.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/fullcalendar.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/fullcalendar.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=aqu4tl0s7j4bjlcgv0tgenbkki
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 06:01:51 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-180ab"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2