www.bentleycm.com/
208.113.169.155 301 Moved Permanently 234 B IP 208.113.169.155:0
File type HTML document text, exported SGML document, ASCII text
Hash 9b6a856c712d94bb86dad37c95445367
4367e3467bb244304ad4ecbb1e2d6f0184909d60
4f94f723ba3be092140f32a3021f63abc8719905fe99f3f23798474db51c7c01
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 19:22:59 GMT
Server: Apache
Location: https://www.bentleycm.com/
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13801
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6075
Expires: Mon, 06 Feb 2023 21:04:14 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 18:36:29 GMT
content-type: application/json
age: 2790
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2656
Expires: Mon, 06 Feb 2023 20:07:15 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aWiHKzmDOnzpBU7RqqkMRd+MgWvo1McrFERIuvUmxMu2fL7fIxNjxmBeAbYTmOdlNr/hxXmSXkA=
x-amz-request-id: 7CGC93DJ7XKCNQG0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 18:45:16 GMT
age: 2263
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 19:22:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 18:51:19 GMT
age: 1900
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5309
Expires: Mon, 06 Feb 2023 20:51:29 GMT
Date: Mon, 06 Feb 2023 19:23:00 GMT
Connection: keep-alive
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RJ08/AhkUZnT43dwUgQmzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iOcuXzUxLQ3P4v0tCihMuxvouSA=
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bentleycm.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
208.113.169.155 200 OK 299 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP 208.113.169.155:0
Hash 1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:36:03 GMT
etag: "2b5-5f29b7fe32ac0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 299
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bentleycm.com/wp-includes/css/classic-themes.min.css?ver=1
208.113.169.155 200 OK 189 B URL HTTP/2 www.bentleycm.com/wp-includes/css/classic-themes.min.css?ver=1
IP 208.113.169.155:0
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
etag: "d9-5ebdc1e39f300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 189
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0
142.250.74.132 200 OK 579 B URL HTTP/2 www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (912), with no line terminators
Hash f2daf49af0ca78728806bd28cfcc4f62
74066b73587d0cfb717ca7d46af4f5b33c02085f
3716298a1b27a533e8cca53149826a27ef2ff26d67f4a4f7556ce56b7d337ef3
GET /recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Feb 2023 19:23:01 GMT
date: Mon, 06 Feb 2023 19:23:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2
208.113.169.155 200 OK 1.1 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (370)
Hash cb1a5eb4481e0b7cc0d10231e620e344
c45a5d6eec01eb04410bff1fc52af97a603bd87f
66f248cdf72637103c354edfcae99b48d3d0c462049ce0996f687fed6fdb9e1f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "e4b-5f29b91a64940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 1102
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6
208.113.169.155 200 OK 106 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6
IP 208.113.169.155:0
Hash 8af7d01cc8f7698605260aa25a37f45e
854439cb106afae13bace1acbdfd03e0ec2daee4
8b46abceed3ee90f0e9053977b5dcb569c09784270d0e5fff5aebf80256501e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:49:31 GMT
etag: "62-5f29ad978a0c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 106
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
208.113.169.155 200 OK 996 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
IP 208.113.169.155:0
Hash 40b4c9407635aab8ae29afebf2101d84
38eda5de806e116aafc5078d150255da89bbc08a
98aa8af946fc88e8cc526dd16c78f5e08c071be559a51059992fe462b9093dcb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 01 Feb 2023 16:21:42 GMT
etag: "af3-5f3a5d7ff241f-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 996
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
208.113.169.155 200 OK 534 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (1425), with no line terminators
Hash 5eaefed24bc519be8eb8dd36c5067bc1
05bc5bcca155944ef794db9313e5a8ea566e697e
c1f81ac00a60bdee57f8a64940bbd7d7389d5b1815208a49dae88761f1733a27
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "591-5f29b91a64940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 534
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/style.css?ver=6.1.1
208.113.169.155 200 OK 1.3 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/style.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (358)
Hash 8d927ad5e9e8bc45605d291627bd1348
1a3431806a1108c4830bdf8e8ce33dda20ae0ab3
aedcac6f92f6232eeb8f843a78017caf05e303ecd820aecd32e764d4dce17fdf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "1104-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 1335
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
208.113.169.155 200 OK 12 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
IP 208.113.169.155:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 12c278b008f74bf3d8d49053980d7b12
0045408fa5b6dfb9a752490f2e259a4d32f05e12
7e7062020acc16b6aba73210630b3dbe12630502676c9dff0c1c5bf0a0e51642
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "e1a2-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 12166
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
208.113.169.155 200 OK 13 kB URL HTTP/2 www.bentleycm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (47826)
Hash 230215725aaa95357dab4851af106ffd
d928b57aa7af333dfdda0bc97922463065bf0c1b
fe8f0af1002ddb91bc8baa0f8d743802e9b9c7dd444dd89267e22ba6d08ece5a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: "172a9-5ed33192c4540-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 12972
content-type: text/css
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1
208.113.169.155 200 OK 1.7 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1
IP 208.113.169.155:0
Hash 4e2cc12d1a6bb2692d665fc1b9ae57b0
2fde0daee411269f5e7386327c61cf2a90fd6ca4
387cf6f334fb88701698cfa33ccda2f4e3870098620d454f722658c21e5f0f59
GET /wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "2098-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1667
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1
208.113.169.155 200 OK 2.6 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (344)
Hash cf3ccc449de50f62df0b09ed0d56ae73
f9585980fdf9ce939ec10b6ea998203ecd45e859
48d9e73890d956fe14b0ab233508ba3665660654e5b1d00a20fbaf5016aa8a6a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:22 GMT
etag: "3037-5a368a8794780-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2636
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
208.113.169.155 200 OK 2.6 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 208.113.169.155:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 75242d67c1a758ea94e3d10c607e68da
dda69e23f51356aa4285f9fabe841e83fcbc2ace
147804fec1d09ffa1724d0bff08cbe575811ba1cb594a92187eebbd062925cc0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: "2bf8-5b075c75d5c80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2592
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687
208.113.169.155 200 OK 631 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687
IP 208.113.169.155:0
File type ASCII text, with very long lines (2552), with no line terminators
Hash 3f5b93157e74983cd4cc129c35de1615
f781589cb2f1d8a85f01c86fef6764b1d4046710
3c843fbef58817414cf3f1c52e5a2eddd756b2951845bd217015201a42a37dc1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 31 Oct 2022 21:11:27 GMT
etag: "9f8-5ec5b0cf33dc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 631
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1
208.113.169.155 200 OK 4.8 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (45633), with no line terminators
Hash ef34127c60c773c03e7b1a3b040e1461
d534c9f22283489a9e872acd2987627616bc58bb
03e58e978fdc9455e0cecd65b7f8dbe509ab02433f739719295eb708d1739d07
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "b241-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4809
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
208.113.169.155 200 OK 7.1 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 208.113.169.155:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 18ab0f2141a86fcbe7b09e55852a231b
0d35ef890c710cac5fb4a71801c7279d951b3f6d
3462a75039aa0c82d1501ddd3615afcf894cacaa1fe19f23dc707d8bbe422482
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: "53c0-5e95d8f5cb080-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 7137
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1
208.113.169.155 200 OK 4.3 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (21769), with no line terminators
Hash 6d2deda45521e454ad2b18091a6bbbd7
254722e998b14877fc2b8e45eb6836590104fa77
110ff1e12a78fcaa709fa955dae049125fbcf03d126592eb275e379e44260013
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "5509-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4304
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1
208.113.169.155 200 OK 2.0 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1
IP 208.113.169.155:0
Hash 48c30024d84f40fcde2ca974d743176a
55becdc9379974965201b1c4809a6f1c230b2495
12d2f25f7660d34612814f82ed2e150486c1cc36208afc2fd1d20d9c339e9917
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "2d1a-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1952
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
208.113.169.155 200 OK 1.2 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 12abf54137d4fe7125009945facd733d
4c7d795c2b7857a8e8733f667d61a7a88565818e
48856e8c9f3fd260906105995e727f97d909869a362ecbc183fe10af73d4e479
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: "105a-58ac1e7924f80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1161
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1
208.113.169.155 200 OK 734 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1
IP 208.113.169.155:0
File type HTML document, ASCII text, with very long lines (1234)
Hash fcc375a83f255a90c6bfb4f23c5cff02
80b721e5cb742af645ad34c3836db48021e69319
4ab585a5964ee2d5403c790bb2a4d72985af5daad764e4968e9957b736c2dd7a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "52c-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 734
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
208.113.169.155 200 OK 540 B URL HTTP/2 www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (1191), with no line terminators
Hash 2029090ac267ecfc20a3c0b884202de9
0ad1d2ea2030ad3c98315a8342168cb0e2c2fca1
a5f0b6001e19c189db4a985f7be8577804f4620edfc4e0812483cf571618607d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "4a7-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 540
content-type: application/javascript
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive
www.bentleycm.com/wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1
208.113.169.155 200 OK 1.6 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (10756), with no line terminators
Hash 513b34ed2a33300f7fbf40b2f114fd03
bbb7f38e13c553cd0750c6263da3b9ac4d6d2148
3626d004abb5744606873321852c681178c034de42d5d7640f2e53be158e843c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:37 GMT
etag: "2a04-5f29ab27d6140-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1617
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
208.113.169.155 200 OK 2.8 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (8632)
Hash efc785e8a97dfd4ffd4093c18306c94e
40048fe71d8ee71fe18ccd0ee96ec40588e26e65
89e6452557241c6f3dae72e7cea40e179e926ff0d649076abebb1abb19c84e4c
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
etag: "226e-5e90b89c73840-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2776
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/
208.113.169.155 200 OK 30 kB IP 208.113.169.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash 27664acf95a552af00d2c445cbeca743
0a532aa475b8456e6efc72490c6869e59fac93a4
c5ecb5db81cd662ec02ae447106535555bca22d008100b25302afb9acf2bb0e7
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:22:59 GMT
server: Apache
link: <https://www.bentleycm.com/wp-json/>; rel="https://api.w.org/", <https://www.bentleycm.com/wp-json/wp/v2/pages/21>; rel="alternate"; type="application/json", <https://www.bentleycm.com/>; rel=shortlink
vary: IS_SUBREQ,Accept-Encoding,User-Agent
cache-control: max-age=600
expires: Mon, 06 Feb 2023 19:32:59 GMT
content-encoding: gzip
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 76327
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1
208.113.169.155 200 OK 8.4 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (369)
Hash f78b03405f053ebdc9b862d2f279e691
c469ec4f6dcb26909384f4bd4059217272f6e298
2e5061562bd635c1f9cb9784372b0a7baf32bc3f145df63747386b311d765806
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "13100-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 8445
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1
208.113.169.155 200 OK 8.1 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1
IP 208.113.169.155:0
File type Unicode text, UTF-8 text, with very long lines (50806)
Hash 98288d4f3eeb25aa4dd24d55bf47ed6f
6afd4eb7301c92a1c8172d8a6e3ee61d075a6a6b
3f868649d31a63ef5efd5664caef129181c1e2cdcd8a2b859276c475d1e3dac8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:22 GMT
etag: "c854-5a368a8794780-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 8084
content-type: text/css
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gcy4nCriTOJhhTqFJBuks649uy0s4r3TVV3-yAcUhImLwqKpn1d2_w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:20 GMT
age: 76361
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 76815
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 77572
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7HTSLYJmhfIGlCjeG2EeN3q2Cd9vKlq71nqo3iIuhwkgwlEAlRPmQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:02 GMT
age: 77519
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 76316
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
208.113.169.155 200 OK 4.2 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (11126)
Hash a65d5500f76589b8c41c6d1e8895c456
fc9b5b82c4a5c6973efcbca5f6ca01a5eb252a59
9cb0e5695834af1b05fa4e3699dc7be10857e491c8c511edb63ed7f337083d1d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4204
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1
208.113.169.155 200 OK 878 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (1766)
Hash b418f2c641fe326ca6c6d003986dafbb
ce0856e3d4eaab01e73cf6dafd450779969f2eb0
3cbc0916a8120a1282a2f04ee68743e5fe7fb5fce94173973556dd49185d58b4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "815-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 878
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687
208.113.169.155 200 OK 128 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687
IP 208.113.169.155:0
Hash baff31a7d2958fb097f14a94bdfb91d9
1874c24eb14734f1d53bbf9537138b255ce9bafb
ff16481ac07a6f863b71b29e7d8f08545e13a1165dad7909844df72cbdd2bdd3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 31 Oct 2022 21:11:27 GMT
etag: "112-5ec5b0cf33dc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 128
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
208.113.169.155 200 OK 706 B URL HTTP/2 www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (1464)
Hash e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "5db-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 706
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1
208.113.169.155 200 OK 1.7 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (3447)
Hash 899ed05f203ea0c9d59a223e967a8c19
466d6ec7fd066b9dfab4f53886c570870335d2fc
82f600d494b20c35c5fe79fd6b8811701d40e9f00b86855713fadcceeb730643
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "120f-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1665
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1
208.113.169.155 200 OK 1.9 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1
IP 208.113.169.155:0
File type Unicode text, UTF-8 text, with very long lines (3601)
Hash 8ca47f570cf96a73efe74e0a7cf70d27
fceeeffc9ed684d69eb2b2738b408ea238277850
576ff1dbc4db3d6adaaee5f0c052f14d29637a1aba9e1881b9cedc09632738ca
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "15bd-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1871
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1
208.113.169.155 200 OK 1.3 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (3968), with no line terminators
Hash 5c4d9cef905f819a16341d7670486f4f
4601e0716220c86993765a3bb679ff9ebb3e9a01
59b10c37b34a3558334132fdab1256b466783e21eb5006b359a2802e923f4e4e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:43 GMT
etag: "f80-5f29ab2d8eec0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1299
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
208.113.169.155 200 OK 475 B URL HTTP/2 www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP 208.113.169.155:0
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: "38a-5b955069f1180-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 475
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1
208.113.169.155 200 OK 930 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (1913)
Hash f811cef2e2204905362bbe097c4a4dbf
8c0d03d477b5fc761c02dc5d65bc0ce459f2d282
dacf00b06cc6fc5032c2477ea171c72af6382bf4c030e7c094e6ea06af18f11f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "7a7-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 930
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1
208.113.169.155 200 OK 635 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (1075)
Hash 932ddac6336d94397b6c8d9b659ab1a7
6a218d500b2d8040856077f418be39e1d3d325a7
e7b2e77ac61017f725d8c16ac0c2361c11c8f5a77217739478cd64dfe137b73b
GET /wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "577-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 635
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
208.113.169.155 200 OK 685 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
IP 208.113.169.155:0
File type ASCII text, with CRLF line terminators
Hash 8639d19c0be39197dcc34bc9e89676e4
10b16e16ce0c00bcf44a4506fdf3249ffae43b28
05ca53432b5cf02af7fa9f16ea53a3c0bc978cb8aaa580fa47fab88a1eeb4cd9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 06 Feb 2023 15:47:41 GMT
etag: "7d0-5f409f38ec686-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 685
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1
208.113.169.155 200 OK 627 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (1238)
Hash ce58c055129c07f10f69e18be4bd92a5
07252dc31cae98092d6890fd2a6f7bf07d52f90d
b9febfcc3a4f16336ce64ca0c94327d9bdbaa29b5b2c3e15115f01c2d3a8b53a
GET /wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "4ed-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 627
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1
208.113.169.155 200 OK 440 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (884)
Hash 3d714416bc918e178ec12d3d2da0373e
3d23c0175598bb53bce5643bbd4ff5a024597e70
3654efe473e2ece6aeb16a46df48dd4191fc39f03ef70afd1d7ec067417a030b
GET /wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "39c-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 440
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1
208.113.169.155 200 OK 7.7 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (35179)
Hash 52f8835b76f98687a4da73b408491217
9648a800432207496286f3f2a1511f2ed6a2bbd4
f5dbdce39a1406caa0c4a4d18409d11e32ca2efb69d5db46cd1db807a47cc42a
GET /wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "8a1f-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 7749
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1
208.113.169.155 200 OK 1.6 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (3070)
Hash 463231a72241fe997d34e3cad780b421
ec03a4a7e86e610cd0c2dd1fb4b7b7a2016862c4
1bc746d2682ea8dd05abd2bb6678354e29bfa5366a6eb09c289586309a1559da
GET /wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "d7d-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1553
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2
208.113.169.155 200 OK 1.9 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (387)
Hash 107601582e6bd05be6d2996b78e68a66
fbb4c6873df5b6fbb234a7a350eda60f1ce0b464
9001145bfc6fc894f7dfac6bd112fb79911b64e274c8dbdc3e214d07b20c7e6d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:02 GMT
etag: "22f8-5f29b91b58b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1871
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/gtranslate/flags/16/en.png
208.113.169.155 200 OK 707 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/gtranslate/flags/16/en.png
IP 208.113.169.155:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced; data
Hash e4896565595fc22e344fd619c0ed15bb
43d4481a4cc3e60b406b2467b5f7e576fcbae260
c3a4cb8f32ef0cd89e6429d40d1faebd359e02e34d69764052c8402a391e9a00
GET /wp-content/plugins/gtranslate/flags/16/en.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:35:59 GMT
etag: "2c3-5f29b7fa621c0"
accept-ranges: bytes
content-length: 707
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1
208.113.169.155 200 OK 2.8 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1
IP 208.113.169.155:0
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash baa2ca938b1e7ff518bddc2d7ac17f26
813c86d75341dfab55361d7fdfe4e4725d6de7f2
c0ca94622c9b0e13df845f2aed2a6b36faed813d46c5e3a263abf32904489f84
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "2349-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2761
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1
208.113.169.155 200 OK 2.6 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (5412)
Hash 8bbc40a7f83775a360d40c04497798fe
3227610e0c8b8fe13bc3fa17086b95c3f1582a88
86e3097e0f6c77448c1bba7de54f3e5977b0b3d270b51cf0e0d77ca634a4f1fc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "19ab-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2620
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
208.113.169.155 200 OK 3.1 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP 208.113.169.155:0
File type ASCII text, with very long lines (10565), with no line terminators
Hash c42d2b93b37382662b44400e2513fe25
f80281b70ea02b8bbfefb8c7cd4690be355848be
5573be5d09a976c15728ec50bc9ec54f059ecf9c0aee9d6a78eed37f25ad559b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 01 Feb 2023 16:21:42 GMT
etag: "2945-5f3a5d8002dbe-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 3060
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
208.113.169.155 200 OK 5.1 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (15660)
Hash 3971154f76bf26e704b4910111d124ba
60dfcafe9593005b92cd0ce40f429b241ae3b287
549584b85b7433e767b71e774e5fcef37c40c19169e3979597b6ab7f8314b3c4
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "48b9-5dc6eb878efc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5085
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1
208.113.169.155 200 OK 4.2 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (13554)
Hash ec0be935de302f38e53898eb38296c75
515369ee561f7cb8bd8dd2c3de04ded548f0879e
ece6df370c3e185108df6e7d845641acd59012b5b9abe110ecee5f1423526015
GET /wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "3538-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4151
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
208.113.169.155 200 OK 4.0 kB URL HTTP/2 www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (11760)
Hash ceadb732f7c2ec419c755d1f5119081c
5a591d21426f632c823bbdfed63f03bcadf71cf2
eac6a6f98635b66add190745fd7d378fe8f4c506d813c06bc281c449496169e8
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
etag: "2ea1-5e90b89c73840-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 3962
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1
208.113.169.155 200 OK 4.5 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (13345)
Hash b89524b964eff3dffd05f33daf636613
8c6221f40ff585204f67858ddb9498e8db030e57
3fbaeaebad0ee08f4efcba15c45987d75a977c99c4dbeba52aea216459074224
GET /wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "3525-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4534
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/05.png
208.113.169.155 200 OK 8.3 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/05.png
IP 208.113.169.155:0
File type PNG image data, 167 x 69, 8-bit/color RGBA, non-interlaced
Hash a3d57a9b02674abe8cb24edbaf94de98
c60218b964f35e9ca2d7f84d9f8fab206ddfc192
8c68fc038c8e78c101239c81f7a4ff3480aa17c34eb2cf20d7dbb040b79c4ec9
GET /wp-content/uploads/2020/02/05.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "2064-5a368bccc86c0"
accept-ranges: bytes
content-length: 8292
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1
208.113.169.155 200 OK 5.4 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (17959)
Hash 8ae09fe7c5e3be6dd4e2fc04439d05b0
76e92678436779cb56d8575de6c19bec63b7921d
26592a762b25c55948b29a0533751c13544d7f76f6f7ad389df99bcde7a2e09f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "4672-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5407
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/02.gif
208.113.169.155 200 OK 12 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/02.gif
IP 208.113.169.155:0
File type GIF image data, version 89a, 255 x 137
Hash 8d3f65ff77b0ebadd2242b08f147135d
7119967da6baffbb3d4b990aa86adf3b32ae95f6
2b9d917493f6e30eb4b10f267af628c7d1b0bf7b000aad0bc1b2274967324e6c
GET /wp-content/uploads/2020/02/02.gif HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:52:02 GMT
etag: "30ad-5a368bcbd4480"
accept-ranges: bytes
content-length: 12461
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/gif
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
208.113.169.155 200 OK 5.8 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
IP 208.113.169.155:0
File type ASCII text, with very long lines (20382)
Hash f5bd8afe58e322fa09842173e8f63f0c
6c1b1f4dbfa966e4565c2a897a2d270a8b0c3a09
f0bc2d6b525cc8f82420708f40d73b327c626752cdbeffc79e965995070a6284
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:52 GMT
etag: "5079-5f29ab6f5ca00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5845
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1
208.113.169.155 200 OK 6.0 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1
IP 208.113.169.155:0
File type HTML document, ASCII text, with very long lines (13826)
Hash 552ad5e8987fe5ebc60ab3bd6dc1eb41
15796d771f4b0e80642d77a8cd84c6ffaa3a2ad4
bda54a0211a5176d4512fa941093753fe065aed8baffa3d8fd3636dfddeddb73
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "380e-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5988
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
208.113.169.155 200 OK 10 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
IP 208.113.169.155:0
File type ASCII text, with very long lines (32004)
Hash b2dc5c223df265e5d597c2c78e6e19e4
0dcf070489abcf0977eddfabbfc29619e9549c4a
674b4bff61bcef4b40e6c97c01b5ac646bdb15773d3916a8b0854fc4d6774315
GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:40:00 GMT
etag: "8b8a-5f29ab76fdc00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 10116
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/04.png
208.113.169.155 200 OK 23 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/04.png
IP 208.113.169.155:0
File type PNG image data, 179 x 85, 8-bit/color RGBA, non-interlaced
Hash e4fe14c1651c896325421a460ff449fe
d7d0716856751486dcd87f0866abc2c0d930d24f
fd67ada31dd18a18fb9c6722d254fc92ac71256dfbf56b413e2fe535519a2553
GET /wp-content/uploads/2020/02/04.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "58f8-5a368bccc86c0"
accept-ranges: bytes
content-length: 22776
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2
208.113.169.155 200 OK 10 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2
IP 208.113.169.155:0
File type ASCII text, with very long lines (40587), with CR line terminators
Hash 777ba884080725a2ca1db84dc4ff1c39
11af31931f387e31cffb28e485c50d1e27942fd2
ee63ffddea696bd5e1b421ce9dd57b2316c0295828a51c7496b82be43356bd37
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:02 GMT
etag: "a05d-5f29b91b58b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 10099
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1
208.113.169.155 200 OK 12 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1
IP 208.113.169.155:0
File type ASCII text, with very long lines (31997)
Hash 18afff6d50b491b177c2e2c28c50c509
2111c4bb55bf5ca02a966efc8cda4582169fdf4a
9a42f64a869a53a8534eba0b543d13bdb9c9d2cf480cdc92046cd122dc800142
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "ad37-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 11647
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/01.png
208.113.169.155 200 OK 37 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/01.png
IP 208.113.169.155:0
File type PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced
Hash 3083b6fc3fa05a97ea01adc0971255c7
42dbdad37d25613e35a8f2dd519177e428e197dd
d7884e322a2221db9b79ea9149b7b2040c41b404890bf1f0a89748c44eb0408f
GET /wp-content/uploads/2020/02/01.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:02 GMT
etag: "90f5-5a368bcbd4480"
accept-ranges: bytes
content-length: 37109
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/04/Bentley_last-1.png
208.113.169.155 200 OK 69 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/04/Bentley_last-1.png
IP 208.113.169.155:0
File type PNG image data, 950 x 196, 8-bit/color RGBA, non-interlaced
Hash c73bf960b2223abe271ef74c27b8aa2f
b6e75c092454f6345cd7d359a10a8e4f19f7b6fd
28970631a8802f14a53ada1629e4772dfc2c759d8adbc0478237cb7ef6f1da10
GET /wp-content/uploads/2020/04/Bentley_last-1.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Fri, 17 Apr 2020 18:54:26 GMT
etag: "10e2d-5a381140c1c80"
accept-ranges: bytes
content-length: 69165
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1
208.113.169.155 200 OK 20 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1
IP 208.113.169.155:0
Hash 85343bebbc531bb09c602284f92a6661
8b020258569fec9351b728ebb4405c7c0d08ecd4
f2e680edff2af75e36d47d170c32f8a16acf87cfc3b83590e6a5952474d2d195
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "139d8-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
142.250.74.35 200 OK 4.3 kB URL HTTP/2 www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP 142.250.74.35:0
File type ASCII text, with very long lines (23413), with no line terminators
Hash c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c
GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 348874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 303293
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
216.58.207.227 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 20028, version 1.0
Hash 2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 10:06:16 GMT
expires: Mon, 05 Feb 2024 10:06:16 GMT
cache-control: public, max-age=31536000
age: 119806
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff
208.113.169.155 200 OK 64 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff
IP 208.113.169.155:0
File type Web Open Font Format, CFF, length 63664, version 1.0
Hash fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "f8b0-5a368a88889c0"
accept-ranges: bytes
content-length: 63664
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
content-type: application/font-woff
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2
208.113.169.155 200 OK 40 kB URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2
IP 208.113.169.155:0
File type Web Open Font Format (Version 2), TrueType, length 40244, version 1.0
Hash 64f88ebe25c54a12320f42f0b229961b
d819bead49948f3f349b64b5bb4322622ebdd9b2
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "9d34-5a368a88889c0"
accept-ranges: bytes
content-length: 40244
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/gtranslate/arrow_down.png
208.113.169.155 200 OK 208 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/gtranslate/arrow_down.png
IP 208.113.169.155:0
File type PNG image data, 5 x 3, 8-bit/color RGBA, non-interlaced
Hash 20a650477130c7c2c62c5647131f545b
4615101fcc5df1fab3e7dd516d058e1052a8fcb2
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516
GET /wp-content/plugins/gtranslate/arrow_down.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:35:59 GMT
etag: "d0-5f29b7fa621c0"
accept-ranges: bytes
content-length: 208
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/gtranslate/switcher.png
208.113.169.155 200 OK 207 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/gtranslate/switcher.png
IP 208.113.169.155:0
File type PNG image data, 10 x 19, 8-bit/color RGBA, non-interlaced
Hash d6ae4f341752017ab0e603e3bb9260b7
c84c11d3bc69c7e14b2f75e7dea6e0ac93dee1e2
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e
GET /wp-content/plugins/gtranslate/switcher.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:36:03 GMT
etag: "cf-5f29b7fe32ac0"
accept-ranges: bytes
content-length: 207
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg
208.113.169.155 200 OK 48 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg
IP 208.113.169.155:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17], baseline, precision 8, 414x275, components 3
Hash cfe970e84b9c21d8039410ecae8d59ca
32a0b58c7497e4cfef82d035bb403f5e0703ac75
714e4c3cc218b913c72d3051f311202c7745d2ede32b6d508969d0027ec7c0f0
GET /wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 15:51:44 GMT
etag: "bbd2-5a36a68d1e400"
accept-ranges: bytes
content-length: 48082
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif
208.113.169.155 200 OK 4.2 kB URL HTTP/2 www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif
IP 208.113.169.155:0
File type GIF image data, version 89a, 32 x 32
Hash c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "1052-5f29b91a64940"
accept-ranges: bytes
content-length: 4178
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/gif
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 540836
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 76862
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
216.58.207.227 200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Hash 101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 16:03:02 GMT
expires: Mon, 05 Feb 2024 16:03:02 GMT
cache-control: public, max-age=31536000
age: 98400
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.142 200 OK 104 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.142:0
File type ASCII text, with very long lines (2385)
Size 104 kB (103723 bytes)
Hash 7ee182e6c7fc1db0addf7db0a38cfa23
d5db576be30113e690ff82d0f1ce596c20c8d124
5e84a61fcb091e63a9e2c2d80b6d17d5eadefab9ba127656ea14e990c6bc55c3
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 19:23:01 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+152; expires=Wed, 05-Feb-2025 19:23:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png
208.113.169.155 200 OK 18 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png
IP 208.113.169.155:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash db01fb321dee717744bd63d0f8b76080
0db8c543def2014853d099cc756c03eab3837415
83c3788c6a9f1357dd5409ddd95b96fbc27f4c2553e6745af30be54548a5e824
GET /wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 19:11:44 GMT
etag: "4561-5a36d34135c00"
accept-ranges: bytes
content-length: 17761
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/mortgages_with_overlay.jpg
208.113.169.155 200 OK 27 kB URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/mortgages_with_overlay.jpg
IP 208.113.169.155:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash b5e29c994294566617bf675a2727cd60
c5969e350469385f91871caff452b12b546c9db4
c61aa2dd61eb30fc712c5444f9a528ae2ca16ee697f7e4e2ad47fffdb718d35c
GET /wp-content/uploads/2020/02/mortgages_with_overlay.jpg HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:52:01 GMT
etag: "47dcb-5a368bcae0240"
accept-ranges: bytes
content-length: 294347
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:24 GMT
age: 77144
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0
IP 142.250.74.74:0
GET /css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 19:23:00 GMT
date: Mon, 06 Feb 2023 19:23:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1
IP 208.113.169.155:0
GET /wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "79c1e-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
IP 208.113.169.155:0
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "43767-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400
IP 142.250.74.74:0
GET /css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 19:23:00 GMT
date: Mon, 06 Feb 2023 19:23:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP 208.113.169.155:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
etag: "26935-5e9d196cce3c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 208.113.169.155:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: "15e54-5e9085b47de00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema
IP 208.113.169.155:0
Analyzer Verdict Alert fortinet Malware
GET /wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bentleycm.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
x-robots-tag: noindex
link: <https://www.bentleycm.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,IS_SUBREQ,User-Agent
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
content-type: application/json; charset=UTF-8
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1
IP 208.113.169.155:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "1d657-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1
IP 208.113.169.155:0
GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "56d0-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 6047
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 208.113.169.155:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "24ca1-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/uploads/2020/02/03.png
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/uploads/2020/02/03.png
IP 208.113.169.155:0
GET /wp-content/uploads/2020/02/03.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "4503-5a368bccc86c0"
accept-ranges: bytes
content-length: 17667
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2
www.bentleycm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
208.113.169.155 200 OK 0 B URL HTTP/2 www.bentleycm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
IP 208.113.169.155:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:51 GMT
etag: "765f9-5f29ab6e687c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2