Report - www.bentleycm.com/

Report Overview

Submitted URL
www.bentleycm.com/
IP
208.113.169.155
ASN
#26347 DREAMHOST-AS
Submitted
2023-02-06 19:23:11
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
98

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.8 kB	75 kB	34.120.237.76
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-13T05:10:57Z	411 B	104 kB	142.250.74.142
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	54.186.209.73
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.4 kB	4.9 kB	216.58.211.3
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	426 B	1.1 kB	142.250.74.132
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	483 B	5.1 kB	142.250.74.35
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.5 kB	106 kB	216.58.207.227
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	954 B	1.3 kB	142.250.74.74
www.bentleycm.com	unknown	2018-11-02T20:22:43Z	2023-03-06T15:23:02Z	36 kB	612 kB	208.113.169.155
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-06	medium	www.bentleycm.com/	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/style.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2	Malware
2023-02-06	medium	www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17	Malware
2023-02-06	medium	www.bentleycm.com/wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0	Malware
2023-02-06	medium	www.bentleycm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (63)

	URL	Size	First Seen	Last Seen
	www.bentleycm.com/	1.5 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:43 Last Seen2024-05-04 13:25:01 Times Seen115 Hash 8a7ad05249883e2d1a4155a5ed35ff43 b476eacda7ee0d53156465b7578904eb6caf626e ff2645fa866c838505a03f4298558aff9b6e863804d12ac8c4eccef6ddcbd2d4 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1	3.5 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-05-04 05:00:49 Times Seen243 Hash 00e176600bff5845082783cff4b81cb5 766f167a720d929d71c11c56147a10c3ff27ea54 09f01af7c524f7b25299dced4f190ddbdf7dc30598fc00adf61cd370679f2d86 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1	2.0 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-05-04 05:00:49 Times Seen446 Hash 7e6eeb84a7b039b44060fb27d1fd3b79 abefe350c6236462c810a9c8e1a615f97e004a86 0b09504e6dac92313169869cd37208c879a0a838b45cd6848264e27a6642ebaf Loading...

	www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3	11 kB	2023-03-09	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-05-04 18:13:48 Times Seen8897 Hash 7f0734e228d3f1a255a8b817a5005b8e 3dfca70a7a3e298fc392f2393ca60d350eebb5fd 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1	14 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-05-04 18:15:53 Times Seen1231 Hash f6917787a87c6fbadb0c3b31223d1b19 277beaf1c32439418da113cbc0dd43946276858f f2a495f34a522b7715c881352e81293c528f3d69b4bf35db7fc58164c8828d04 Loading...

	www.bentleycm.com/	869 B	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-04 13:25:01 Times Seen216 Hash 23abce331939da08653ad1ae0e96ab42 9d643a7eff4ca07cad0e2ffc4f851ac5178182ae 5b3784f77d8eeeff1634593241207b833374d91da614bd64e06c57de1a25f5e7 Loading...

	www.bentleycm.com/	1.1 kB	2023-03-13	2023-03-29
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:23 Last Seen2023-03-29 22:26:22 Times Seen2 Hash a276a3200dec94f6080ea8e87dacc153 861e26e6df412fbc83f914a677480e419ee30d0b 3685f91b3d678f89fa5854242705836bc0da71707115079521ba5095402209b9 Loading...

	www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17	158 kB	2023-03-08	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:25 Last Seen2024-05-04 18:15:54 Times Seen10311 Hash e53ec3d6e21be78115810135f5e956fe 523892839b88351523e0498ba881c4431197b54e b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn&co=aHR0cHM6Ly93d3cuYmVudGxleWNtLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=lbt3vnnrq60t	69 B	2023-03-07	2024-05-04
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn&co=aHR0cHM6Ly93d3cuYmVudGxleWNtLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=lbt3vnnrq60t IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-05-04 20:18:23 Times Seen100741 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2	80 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2 IP 142.250.74.142 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-13 18:34:24 Times Seen1 Hash 9f4a3072ef11cb16bdf0dacd0c0d3b90 dea07b532a80608e0043a91ae9babf87c0542e03 eb2ac0492e9f07a67720285854d8347f0a2c91a1c2a91f8cbc5ce4fa4f8f9735 Loading...

	www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1	1.2 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-04 18:15:53 Times Seen9290 Hash 51300497928562f8c86c7aaba99237cd e5826832b85c6afc6502b74cbb8ac5394b04c363 6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f Loading...

	unknown	0 B	2023-03-07	2024-05-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-04 20:18:37 Times Seen37345097 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1	22 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen102 Hash c396306f0dcb75eed7e0e9f3837c8ed6 65fefebf469edb9bdf4a2adb5c93b38deb633bda 8f02b7735656f6f27e78c317215d1ba5e01c1f02dcb84861de499681ac53ac16 Loading...

	www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2	1.5 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-05-04 18:15:53 Times Seen27547 Hash 8c0498e2f1f7a684a8d2a3feb934b64b 76099689ccaee466d4608da621c403b368dcae03 ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40 Loading...

	www.bentleycm.com/	2.2 kB	2023-03-13	2023-03-29
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-29 22:26:21 Times Seen2 Hash cf118dffac9606c8a887c016a18c3d67 6bfd40302ed667bbc97ec33d4c7ca46ef6868698 9784c7b3d8973f6ff858bef446dcd2e60a1566b4b51197407cfb7b4e5458393d Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1	4.6 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen657 Hash 235b7a299ac4353ef1c0a6001f399e2b 44f3de5910b466762b0c51b115e9cff321b80d5d 8aadfb396a04741af7239b35179b967a604254898122a45522be68b4ba736c95 Loading...

	www.bentleycm.com/	109 B	2023-03-08	2024-04-09
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:10:28 Last Seen2024-04-09 08:24:20 Times Seen69 Hash 1c9d8fc04137f469c5e84470d8403312 131f4b8a554beea120e1ca60a12e2669b2ebdc3a 314e37912ac7a1451fd840903be9fc711232c52e55dcc44de4986a816019cd7c Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1	18 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen175 Hash 3d20caccc3d9adf7e0509f4390140fe4 050b4becca5865c78b48c3bb16a33339ecb33402 9b237657ba86b4f520dcbe7af367b6b566b07e66385258442fd219a80d58629e Loading...

	www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5	36 kB	2023-03-07	2024-05-03
Pretty URL www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:37 Last Seen2024-05-03 00:46:00 Times Seen991 Hash 38fc018b2a3e21b4fc9d85c31055fbe1 9080223675416c00aa51161dddc90ccc27e2905f 808975b6cf4ae51c0555c592409a545a54a842eacde7c5408f6d77fcc754cc61 Loading...

	www.bentleycm.com/	151 B	2023-03-07	2024-05-02
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:07 Last Seen2024-05-02 10:32:00 Times Seen728 Hash 0cb796ac99f11a254d9e9f15ce0b9870 51bb8503b7fe625b14146193a4f31ac85a3fb738 b190352728af320b263b7d46746b52165e46b8ecb82ce2500dff740540bc6f76 Loading...

	www.bentleycm.com/	745 B	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-04 18:49:01 Times Seen422 Hash 6afac012eb0bf975a3eee4154b96689a 056225e48650a144fea0c8a0df1f73f243a83cd6 61228535a01cc999ada8fe9ec450b1e8da147da2ed7eb769d899a782226d7349 Loading...

	www.bentleycm.com/	178 B	2023-03-07	2024-04-29
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-29 00:16:46 Times Seen283 Hash cacd885072d7dfe29f21d9fc7b1f0980 fd6c691a1ba104cf3706c19439bb61f1081f2dc8 f337ebf4e796cae00423536e8bf51f864752e1231733199c7840c3472ef75745 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1	5.6 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 05:00:49 Times Seen860 Hash ce0ff2351fc966670539b6c58329b318 283beac4b5cb328d4e5a122bc5fc4496fc48e56c 7532600ddeb5d6b946c1579352890a15857697864a17c8ac7df3465b00f20b4d Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1	80 kB	2023-03-13	2023-05-08
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:40:38 Last Seen2023-05-08 18:35:49 Times Seen4 Hash 35d200605fbbdbc7dbcc8041a63c34f7 03b954f5f1ad995f210e93dfc8a4f96e50ef55fd 27b48c8847e8c158498232d8c089983e4194e93964f71b5fa8eaa18f01d8ffbb Loading...

	www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1	906 B	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-04 17:23:58 Times Seen3889 Hash 2c6d3b562a48e0df5474999dd47e58fb 945220e990eb176c14e53cc663fb01e04e31b59f 3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550 Loading...

	www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2	2.0 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:43:01 Last Seen2024-05-04 19:06:44 Times Seen1014 Hash a56436c9e214ef323a2a3581d13dffe9 378e2f4aaee735f2644e88c0e7f143dd9b67af5e cf1f9d0c295267b005cb0f3aae2f90826fd8ee6c14fe5d29501e9b08e541dc79 Loading...

	www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-04 19:27:15 Times Seen68967 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2	12 kB	2023-03-08	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-05-04 18:15:53 Times Seen6685 Hash 88407dc30b83ffa7dd834fe4a35307b7 857a3a007e5ea8d88123bb47019606618e19eb77 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1	44 kB	2023-03-07	2024-04-17
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-04-17 19:27:55 Times Seen205 Hash 008a323b314d66e0960e73f007dd92b3 6ecd7fc0bf9a5cb05d9e19d936c385676a3619eb 03d6b8c122e733ae5cc2a304277cd799e714cdaf4e978027095bc9d74f25f57d Loading...

	www.bentleycm.com/	131 B	2023-03-13	2023-05-08
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-05-08 18:35:48 Times Seen3 Hash 2f89bd60386622e3da95bc309eb27fe6 82b5e68c07e2b4c2445333b444f13ee2c432e768 baa64407f89f5268221959e6a1e25669cdbfd816e10405214685d25ff7d091ca Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn&co=aHR0cHM6Ly93d3cuYmVudGxleWNtLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=lbt3vnnrq60t	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn&co=aHR0cHM6Ly93d3cuYmVudGxleWNtLmNvbTo0NDM.&hl=en&v=gEr-ODersURoIfof1hiDm7R5&size=normal&cb=lbt3vnnrq60t IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-13 18:34:24 Times Seen1 Hash 858b907fc896a5d917868e0c64a03e41 de7cee9454860f396aef00c72c65654c36ac96a2 291cfa4fcfe2b642d399bc5fbdf7279d37617416acb598058af2f07c66a49881 Loading...

	www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2	9.0 kB	2023-03-08	2024-04-09
Pretty URL www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:10:28 Last Seen2024-04-09 08:24:21 Times Seen126 Hash 82a9f111e48e0c5c9d5d36f333f6913e 382d0be287f08a336ea63e52db0f9037ef94ee68 faa6f309af9cb6155dc0aa213f38c5ee4ae0139bea360635873cc881b2a1fe4e Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1	9.0 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 05:00:49 Times Seen605 Hash 1988b2bcaf7a3d5f33face7dabf19202 f171e3cf3646fd6f2092312b8ae4b11f5cf13e84 7d7a12639877d9be25bde5d92109d05881c4ac6956d32d250e54a21efcee5ff6 Loading...

	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1	1.3 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen715 Hash 7ac7e21768cfe5216119097bac3a05fd 69393ac81a55f758261bb763906f6edf01d700f1 0c8c9ec454aeec2e3a04661c6b7bffe97db35546d286e5ae8144347f522a34d5 Loading...

	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1	4.0 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 18:15:53 Times Seen762 Hash 6563fc26e481ddf4d335f8c562147f76 3fdf1650c1db5cba9476cea99432d2f6fe7a1a26 415ec14747e80898634a3cad24db3df4260809c1813aecd4aee23734df6660f1 Loading...

	www.bentleycm.com/	600 B	2023-03-13	2023-03-29
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-29 22:26:22 Times Seen2 Hash 30903c522a652f3a694897bb0c505934 76a7641f3eca231936a67c80fbf2e2a4cbcbe0e4 81438508ce47251ccb96ed6e53c3378319b99ff114c49d1b02158674009c48c9 Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-05-03
Pretty URL www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-03 14:55:33 Times Seen9832 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-04 18:13:49 Times Seen38181 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1	2.1 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 05:00:49 Times Seen1696 Hash 72f19f5f564a43b1175f9ce86981987c 23ed844b81c03a3a488dfde2ff7eb79f5b298611 bbd90e6ec0b5e022b41ffeacc7fe8ef101f00b847bda31d647a2e1bf3a5c81d4 Loading...

	www.bentleycm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3	13 kB	2023-03-13	2024-05-03
Pretty URL www.bentleycm.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.3 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:30:08 Last Seen2024-05-03 21:54:43 Times Seen1710 Hash c324038c8d6cd7e9990ff50520625008 a707f321bad9f20c442b776efa6812c8acadb8c0 af0f96462799a9eccfa6c5a30819ea991f9c0c4eddaa2984a638dc473c03ce2f Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1	14 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 05:00:49 Times Seen627 Hash cb589ac63c361a879c1cdd919c9fc1ef 9dff3eb4231601f2989a663e54f2471a88363bec 97d9e455254dbbb00399128296f30688302b4fcb32811d3635de05359d6b1061 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1	1.4 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 05:00:49 Times Seen686 Hash d48c113ba91bfa63afae8a96d3185319 3c1a75b4f72ac04852699342811ff4d938cf8253 05a85cfdf52e81da1773766f9da17d7b1f105bf7d4880b603e537748f7515594 Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-05-04
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-04 20:04:52 Times Seen14301 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2	8.8 kB	2023-03-08	2024-05-01
Pretty URL www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-05-01 13:59:54 Times Seen914 Hash 89a5cf06fc7dd77902474cb1ffe4a428 474e8b42319320197c4b85f4dfc12818e9abb5ba 04e009a731cacdb72b79de34d2cb88c364ec1c60ccaa1c163b617fed2b6b9198 Loading...

	www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2	41 kB	2023-03-07	2024-04-09
Pretty URL www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:27:12 Last Seen2024-04-09 08:24:21 Times Seen184 Hash cc0f57e53435c277c2e6f55d4ed1047e abf02fd10150ef901479d8c29bf1c475a41e69be dc61f0166687da5732fd0281a8b1b0c8f79f3bab2ba560580fde78786504ec28 Loading...

	www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0	912 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:56:06 Last Seen2023-03-13 20:35:22 Times Seen1 Hash 3ff993ecf9ac8b465c92cc5fb38f6a13 0d936198746ef72fa2c3e2d596595c646f6887a2 eb5aef258a8786e0d66956a540d71762713725ce2edf989270c58964937184a1 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn	178 B	2023-03-13	2023-03-14
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=gEr-ODersURoIfof1hiDm7R5&k=6LdAz1kkAAAAAJ0rO5jN4UVy4YnG5ERrNDkL8xCn IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-14 19:40:39 Times Seen1 Hash f19bf36d3fd58fb0d4ef73f2e0e6039e 4ba542493e8132e7a48100d73db054936acbbab9 69c948bceb34ce541b4cea255b47f29f17ccd4bd600799bfb3c7e1e6e21ac22e Loading...

	www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5	21 kB	2023-03-07	2024-05-03
Pretty URL www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-05-03 15:12:57 Times Seen2048 Hash 5a627237805ba8fde358e571c3333197 b7365a7674259f505dc10e24e1b06c7e64555ed1 43cdf46f331fec5ba92e402e3d5cad473099892cbdafca02e607cd03705104bf Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main	214 kB	2023-03-13	2023-03-13
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.k4EubO_g8sw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfqso9EOrOP64PthfqJk228DmwkZLA/m=el_main IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:25:47 Last Seen2023-03-13 19:17:21 Times Seen1 Hash 3dc5e5217f1ceee73321e8935f8d8fde 2c61cc7caf541913365418164e2514101d5e8d27 c519e5093f80d6f02e96b1e03402868bc8e485119a3a358602e6614d3ffd676c Loading...

	www.bentleycm.com/	1.5 kB	2023-03-07	2024-05-02
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-02 19:03:48 Times Seen696 Hash 0f34278c49ba25db1ef359dd2641dc9a 916c0b1bc083867813188c84bb055cfce331c44c 44134cbf94a69a4a21b2805d17b869ad1d5ce8ad563f96b6cd218e71fab9d07e Loading...

	www.bentleycm.com/	2.4 kB	2023-03-07	2024-05-03
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:59 Last Seen2024-05-03 01:12:43 Times Seen3814 Hash 49f89aeeb8e861051ed61fc00d636b9b 9077f9d9ebc3b661bb3a81161c6a4e2de2531231 4190f2c4f25f9a34cbbfdb92f91a25359570d773ef7cff97c924e224ad877759 Loading...

	www.bentleycm.com/	149 B	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/ IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:22 Last Seen2024-05-04 17:23:57 Times Seen2869 Hash 931deb2e7bef82d78d1c1b0a3fe4fe32 2a468d77a19124c4bcd1745b7f51eff01b269ade afb2b21f29cd5d7fc5b63a8ea02ece9649603b9e63a2afa55927c508345e1ee7 Loading...

	www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1	1.3 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:42 Last Seen2024-05-04 18:15:53 Times Seen1369 Hash c8a799cba13b6e15dfced16eb87636b0 6ae3e5dbfafb2013224aba0496d0046c52457708 cd9822152c9ceb5e0a17d1bd62cc55afac0bbdc56dadbd032bf3e2743c90dc89 Loading...

	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1	6.6 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen589 Hash 3cc9229753d52a898761af1a0ac60787 d23b72efaf1799b552b8dce618f5cc99161903e8 01e43a4db0203b089ddb4795f2763c3cdadce0bf52eddac72866b67f2d4f5ca2 Loading...

	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1	14 kB	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen616 Hash 21fd34fca546436fb42189648b8ec6ea 709477c553e398cc6238b7cca1d18ca8f32704d4 88ca875d14c480e1478cacb3edbd3962433fd21a4775666b387988738038a63a Loading...

	www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1	924 B	2023-03-07	2024-05-04
Pretty URL www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1 IP 208.113.169.155 ASN #26347 DREAMHOST-AS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:10 Last Seen2024-05-04 05:00:49 Times Seen669 Hash 598e877333e0880f61e6368eaa330c29 4522e4898d65eb4656f54373e981156f72d88119 781597e7eb785a6f0567bc72bf0095778110eca4e87cabcdf27125f9ecea24e2 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 851ca4249bddeb9d224dc042b70320cb	19 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 18:34:24 Last Seen2023-03-13 18:34:24 Times Seen1 Hash 851ca4249bddeb9d224dc042b70320cb 9336bff56e4341a473e54e0c91299bde45993922 7f57b349013112cd735ed9230090d7eac0c910f2536a187109dae6097a7945f9 Loading...

	#2 Eval - f4bf22269e41be9e3a92808f5d0f2201	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash f4bf22269e41be9e3a92808f5d0f2201 597b026bf76f9a647e1d16d8532d9ddd5f0de46b 276096740107abb4b5b058985713ac9e81f2fcb100010356b47be556e300d790 Loading...

	#3 Eval - af72b91f44a63027ce6a3360baee8a43	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash af72b91f44a63027ce6a3360baee8a43 030a8bdf4fc642af17e60f7942b4e7db0b395ef9 3767d5321b4ae282cd6bc77966b15645f99a332b0c28e8bdd6ffd6bfa9cb2104 Loading...

	#4 Eval - eab8313bda5bcf457e3960dd870ec986	64 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash eab8313bda5bcf457e3960dd870ec986 2040c44ca623657a7842ed109aa1ff376784968c 6ddb568813476781555dc007dbf68364ac4237de77158b4a2b8906396d564da3 Loading...

	#5 Eval - cdb8f5789b376b67f7efeda96ebbd0f8	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 21:10:41 Last Seen2023-03-13 21:02:57 Times Seen1 Hash cdb8f5789b376b67f7efeda96ebbd0f8 906bf65532f9e9f29bb1df8bfb222515be0cb5fc d896ad7d50d378b59b9d1be3c4950cbc057ad6cc83f9cdef522454929cc9f301 Loading...

HTTP Transactions (118)

URL IP Response Size

www.bentleycm.com/

208.113.169.155

301 Moved Permanently

234 B

URL HTTP/1.1
www.bentleycm.com/
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
234 B (234 bytes)
Hash
9b6a856c712d94bb86dad37c95445367
4367e3467bb244304ad4ecbb1e2d6f0184909d60
4f94f723ba3be092140f32a3021f63abc8719905fe99f3f23798474db51c7c01

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 06 Feb 2023 19:22:59 GMT
Server: Apache
Location: https://www.bentleycm.com/
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13801
Expires: Mon, 06 Feb 2023 23:13:00 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6075
Expires: Mon, 06 Feb 2023 21:04:14 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Feb 2023 18:36:29 GMT
content-type: application/json
age: 2790
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2656
Expires: Mon, 06 Feb 2023 20:07:15 GMT
Date: Mon, 06 Feb 2023 19:22:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: aWiHKzmDOnzpBU7RqqkMRd+MgWvo1McrFERIuvUmxMu2fL7fIxNjxmBeAbYTmOdlNr/hxXmSXkA=
x-amz-request-id: 7CGC93DJ7XKCNQG0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Feb 2023 18:45:16 GMT
age: 2263
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 06 Feb 2023 19:22:59 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Feb 2023 18:51:19 GMT
age: 1900
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5309
Expires: Mon, 06 Feb 2023 20:51:29 GMT
Date: Mon, 06 Feb 2023 19:23:00 GMT
Connection: keep-alive

push.services.mozilla.com/

54.186.209.73

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.186.209.73:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RJ08/AhkUZnT43dwUgQmzw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iOcuXzUxLQ3P4v0tCihMuxvouSA=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ad2d72821808ee5f77c0598fed0f8bd1
adcd92881d1c5ac3cca4687dc6347369240f4726
c7ce86611bf0b0063c0bcb2c6a6a4b85fe6be2d89e382b8907e8bbb2e1e5962d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bentleycm.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1

208.113.169.155

200 OK

299 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
299 B (299 bytes)
Hash
1e34ceaa9a4c96c3499483f5fe818671
55a92f1196d0155e2bf0632f0905b5b8000f5ad7
9738e8e5222b5802082be7a77e56ad9fdee06718da410f356504184fd08b56bf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/gtranslate/gtranslate-style24.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:36:03 GMT
etag: "2b5-5f29b7fe32ac0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 299
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bentleycm.com/wp-includes/css/classic-themes.min.css?ver=1

208.113.169.155

200 OK

189 B

URL HTTP/2
www.bentleycm.com/wp-includes/css/classic-themes.min.css?ver=1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
189 B (189 bytes)
Hash
5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
etag: "d9-5ebdc1e39f300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 189
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0

142.250.74.132

200 OK

579 B

URL HTTP/2
www.google.com/recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (912), with no line terminators
Size
579 B (579 bytes)
Hash
f2daf49af0ca78728806bd28cfcc4f62
74066b73587d0cfb717ca7d46af4f5b33c02085f
3716298a1b27a533e8cca53149826a27ef2ff26d67f4a4f7556ce56b7d337ef3

HTTP Headers

GET /recaptcha/api.js?hl=en_US&onload=recaptchaCallback&render=explicit&ver=2.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Mon, 06 Feb 2023 19:23:01 GMT
date: Mon, 06 Feb 2023 19:23:01 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 579
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2

208.113.169.155

200 OK

1.1 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (370)
Size
1.1 kB (1102 bytes)
Hash
cb1a5eb4481e0b7cc0d10231e620e344
c45a5d6eec01eb04410bff1fc52af97a603bd87f
66f248cdf72637103c354edfcae99b48d3d0c462049ce0996f687fed6fdb9e1f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/wpls-public.css?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "e4b-5f29b91a64940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 1102
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6

208.113.169.155

200 OK

106 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
106 B (106 bytes)
Hash
8af7d01cc8f7698605260aa25a37f45e
854439cb106afae13bace1acbdfd03e0ec2daee4
8b46abceed3ee90f0e9053977b5dcb569c09784270d0e5fff5aebf80256501e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-live-chat-support/public/css/wplc-plugin-public.css?ver=10.0.6 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:49:31 GMT
etag: "62-5f29ad978a0c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 106
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3

208.113.169.155

200 OK

996 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
996 B (996 bytes)
Hash
40b4c9407635aab8ae29afebf2101d84
38eda5de806e116aafc5078d150255da89bbc08a
98aa8af946fc88e8cc526dd16c78f5e08c071be559a51059992fe462b9093dcb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.3 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 01 Feb 2023 16:21:42 GMT
etag: "af3-5f3a5d7ff241f-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 996
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2

208.113.169.155

200 OK

534 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1425), with no line terminators
Size
534 B (534 bytes)
Hash
5eaefed24bc519be8eb8dd36c5067bc1
05bc5bcca155944ef794db9313e5a8ea566e697e
c1f81ac00a60bdee57f8a64940bbd7d7389d5b1815208a49dae88761f1733a27

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "591-5f29b91a64940-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 534
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/style.css?ver=6.1.1

208.113.169.155

200 OK

1.3 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/style.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (358)
Size
1.3 kB (1335 bytes)
Hash
8d927ad5e9e8bc45605d291627bd1348
1a3431806a1108c4830bdf8e8ce33dda20ae0ab3
aedcac6f92f6232eeb8f843a78017caf05e303ecd820aecd32e764d4dce17fdf

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "1104-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 1335
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5

208.113.169.155

200 OK

12 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
12 kB (12166 bytes)
Hash
12c278b008f74bf3d8d49053980d7b12
0045408fa5b6dfb9a752490f2e259a4d32f05e12
7e7062020acc16b6aba73210630b3dbe12630502676c9dff0c1c5bf0a0e51642

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "e1a2-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 12166
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

208.113.169.155

200 OK

13 kB

URL HTTP/2
www.bentleycm.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (47826)
Size
13 kB (12972 bytes)
Hash
230215725aaa95357dab4851af106ffd
d928b57aa7af333dfdda0bc97922463065bf0c1b
fe8f0af1002ddb91bc8baa0f8d743802e9b9c7dd444dd89267e22ba6d08ece5a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
etag: "172a9-5ed33192c4540-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-length: 12972
content-type: text/css
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
45214010f2ef8a835d723fcd5b485977
346507b6da40928a8c600ef9c52fd6a7e0875344
4b4e5c2038d6fe241aedc738e0bd22052078bf365b6dade88cae752d0f06fa54

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1

208.113.169.155

200 OK

1.7 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
1.7 kB (1667 bytes)
Hash
4e2cc12d1a6bb2692d665fc1b9ae57b0
2fde0daee411269f5e7386327c61cf2a90fd6ca4
387cf6f334fb88701698cfa33ccda2f4e3870098620d454f722658c21e5f0f59

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/linear-icons/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "2098-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1667
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1

208.113.169.155

200 OK

2.6 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (344)
Size
2.6 kB (2636 bytes)
Hash
cf3ccc449de50f62df0b09ed0d56ae73
f9585980fdf9ce939ec10b6ea998203ecd45e859
48d9e73890d956fe14b0ab233508ba3665660654e5b1d00a20fbaf5016aa8a6a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/simple-line-icons/simple-line-icons.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:22 GMT
etag: "3037-5a368a8794780-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2636
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17

208.113.169.155

200 OK

2.6 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (11256), with no line terminators
Size
2.6 kB (2592 bytes)
Hash
75242d67c1a758ea94e3d10c607e68da
dda69e23f51356aa4285f9fabe841e83fcbc2ace
147804fec1d09ffa1724d0bff08cbe575811ba1cb594a92187eebbd062925cc0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
etag: "2bf8-5b075c75d5c80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2592
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687

208.113.169.155

200 OK

631 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (2552), with no line terminators
Size
631 B (631 bytes)
Hash
3f5b93157e74983cd4cc129c35de1615
f781589cb2f1d8a85f01c86fef6764b1d4046710
3c843fbef58817414cf3f1c52e5a2eddd756b2951845bd217015201a42a37dc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/css/style_dynamic.css?ver=1667250687 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 31 Oct 2022 21:11:27 GMT
etag: "9f8-5ec5b0cf33dc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 631
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1

208.113.169.155

200 OK

4.8 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (45633), with no line terminators
Size
4.8 kB (4809 bytes)
Hash
ef34127c60c773c03e7b1a3b040e1461
d534c9f22283489a9e872acd2987627616bc58bb
03e58e978fdc9455e0cecd65b7f8dbe509ab02433f739719295eb708d1739d07

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/css/modules-responsive.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "b241-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4809
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

208.113.169.155

200 OK

7.1 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
7.1 kB (7137 bytes)
Hash
18ab0f2141a86fcbe7b09e55852a231b
0d35ef890c710cac5fb4a71801c7279d951b3f6d
3462a75039aa0c82d1501ddd3615afcf894cacaa1fe19f23dc707d8bbe422482

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
etag: "53c0-5e95d8f5cb080-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 7137
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1

208.113.169.155

200 OK

4.3 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (21769), with no line terminators
Size
4.3 kB (4304 bytes)
Hash
6d2deda45521e454ad2b18091a6bbbd7
254722e998b14877fc2b8e45eb6836590104fa77
110ff1e12a78fcaa709fa955dae049125fbcf03d126592eb275e379e44260013

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "5509-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4304
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1

208.113.169.155

200 OK

2.0 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
2.0 kB (1952 bytes)
Hash
48c30024d84f40fcde2ca974d743176a
55becdc9379974965201b1c4809a6f1c230b2495
12d2f25f7660d34612814f82ed2e150486c1cc36208afc2fd1d20d9c339e9917

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/dripicons/dripicons.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "2d1a-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1952
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1

208.113.169.155

200 OK

1.2 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (4186), with no line terminators
Size
1.2 kB (1161 bytes)
Hash
12abf54137d4fe7125009945facd733d
4c7d795c2b7857a8e8733f667d61a7a88565818e
48856e8c9f3fd260906105995e727f97d909869a362ecbc183fe10af73d4e479

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
etag: "105a-58ac1e7924f80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1161
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1

208.113.169.155

200 OK

734 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
HTML document, ASCII text, with very long lines (1234)
Size
734 B (734 bytes)
Hash
fcc375a83f255a90c6bfb4f23c5cff02
80b721e5cb742af645ad34c3836db48021e69319
4ab585a5964ee2d5403c790bb2a4d72985af5daad764e4968e9957b736c2dd7a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/fluidvids.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "52c-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 734
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1

208.113.169.155

200 OK

540 B

URL HTTP/2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1191), with no line terminators
Size
540 B (540 bytes)
Hash
2029090ac267ecfc20a3c0b884202de9
0ad1d2ea2030ad3c98315a8342168cb0e2c2fca1
a5f0b6001e19c189db4a985f7be8577804f4620edfc4e0812483cf571618607d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "4a7-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 540
content-type: application/javascript
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive

www.bentleycm.com/wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1

208.113.169.155

200 OK

1.6 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (10756), with no line terminators
Size
1.6 kB (1617 bytes)
Hash
513b34ed2a33300f7fbf40b2f114fd03
bbb7f38e13c553cd0750c6263da3b9ac4d6d2148
3626d004abb5744606873321852c681178c034de42d5d7640f2e53be158e843c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/brunn-core/core-dashboard/assets/css/core-dashboard.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:37 GMT
etag: "2a04-5f29ab27d6140-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1617
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2

208.113.169.155

200 OK

2.8 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (8632)
Size
2.8 kB (2776 bytes)
Hash
efc785e8a97dfd4ffd4093c18306c94e
40048fe71d8ee71fe18ccd0ee96ec40588e26e65
89e6452557241c6f3dae72e7cea40e179e926ff0d649076abebb1abb19c84e4c

HTTP Headers

GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
etag: "226e-5e90b89c73840-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2776
content-type: application/javascript
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive

www.bentleycm.com/

208.113.169.155

200 OK

30 kB

URL HTTP/2
www.bentleycm.com/
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Size
30 kB (30449 bytes)
Hash
27664acf95a552af00d2c445cbeca743
0a532aa475b8456e6efc72490c6869e59fac93a4
c5ecb5db81cd662ec02ae447106535555bca22d008100b25302afb9acf2bb0e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET / HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:22:59 GMT
server: Apache
link: <https://www.bentleycm.com/wp-json/>; rel="https://api.w.org/", <https://www.bentleycm.com/wp-json/wp/v2/pages/21>; rel="alternate"; type="application/json", <https://www.bentleycm.com/>; rel=shortlink
vary: IS_SUBREQ,Accept-Encoding,User-Agent
cache-control: max-age=600
expires: Mon, 06 Feb 2023 19:32:59 GMT
content-encoding: gzip
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5958
Expires: Mon, 06 Feb 2023 21:02:19 GMT
Date: Mon, 06 Feb 2023 19:23:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9808 bytes)
Hash
ccc8078cc937b7de0b299bcee1496f1b
395f04af71767acc9516387c8b07bde08968fdfe
cf959fc4a72d80dcab20c235bec6d21eadaab87efa7a8969744cd228628ba050

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3694634-2f5a-47ff-b75c-9cb394881acc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9808
x-amzn-requestid: 75cc8041-19f5-4994-96b6-b14d3c90ec6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiSFZAIAMF65g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-355d272c345c8c37595b4bb2;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: T7YlRZ936VEDkBvo2YKrS3GbyEh1xzC8W-50KiODzFjTnQb-hvkKpw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:54 GMT
age: 76327
etag: "395f04af71767acc9516387c8b07bde08968fdfe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1

208.113.169.155

200 OK

8.4 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (369)
Size
8.4 kB (8445 bytes)
Hash
f78b03405f053ebdc9b862d2f279e691
c469ec4f6dcb26909384f4bd4059217272f6e298
2e5061562bd635c1f9cb9784372b0a7baf32bc3f145df63747386b311d765806

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/linea-icons/style.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "13100-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 8445
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1

208.113.169.155

200 OK

8.1 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Unicode text, UTF-8 text, with very long lines (50806)
Size
8.1 kB (8084 bytes)
Hash
98288d4f3eeb25aa4dd24d55bf47ed6f
6afd4eb7301c92a1c8172d8a6e3ee61d075a6a6b
3f868649d31a63ef5efd5664caef129181c1e2cdcd8a2b859276c475d1e3dac8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/ion-icons/css/ionicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:22 GMT
etag: "c854-5a368a8794780-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 8084
content-type: text/css
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10905 bytes)
Hash
1a4eed23b240d04a3cd6b085cfa93375
f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00
93e8371f80c12d3753842e36001dbb8d3dc2223b10a594639752cd816c492d4e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad60ff0-69ec-4be2-9334-41be71ca4b7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10905
x-amzn-requestid: 093778fc-231c-452f-a6fc-15f4eb41ade0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmNJCEDzIAMFmxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8c239-7f56d6e56392f373541db219;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:24:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gcy4nCriTOJhhTqFJBuks649uy0s4r3TVV3-yAcUhImLwqKpn1d2_w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:10:20 GMT
age: 76361
etag: "f29b9dc3f6bbd2ba76a5a4570ce044d5f240fd00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8981 bytes)
Hash
714723c38877e0d1655c7118a88ec064
809a42ce7c76cea0ce16af8172d852723c3a5f02
6bad7253694d155de31a8f5a3c635545a39aac340ca49d1bc10efb6739d4a356

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f49c6ce-40f8-40bf-9423-2de34118bace.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8981
x-amzn-requestid: 0054e925-c381-4737-bd92-32b2af3a604e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQHRFoAMFw6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-45ea5ee33d07326c593d21d3;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WPChtMRjKafjMFkXCam-m5lHQ-4E-UZ5VwnfjrBKaz6nuOh70Fkunw==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:02:46 GMT
age: 76815
etag: "809a42ce7c76cea0ce16af8172d852723c3a5f02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10514 bytes)
Hash
9046d887fd45a0940e31a74173d17798
1ff698b9cf660165e846dfc4770f29852aedce45
0c7b0e1250aa7718b7b35b80a1442f62e94ace1fb578fb781ec8204ee96386d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F731dc7de-ce12-4639-9ceb-3218584c3d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10514
x-amzn-requestid: ac2a383b-833d-4dae-9bd9-43dc3d9e373d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiPEIyoAMFqUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-436bb6816b269ce45b9f8600;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RYNzle5-l5dOMPWb2Bmu_T5aIJw9NX2FKuJsej8hzpYZcgD6coH9SA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:50:09 GMT
age: 77572
etag: "1ff698b9cf660165e846dfc4770f29852aedce45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8649 bytes)
Hash
ad2298793399bf73c51c7d60952065c1
816bd4c36ceea2c46489ae72fde0b4a94c7c4bef
dc540d64e5e0835c7007e89ca3b5dd620b43a87e13309f323f3843a5f908a199

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f78f981-25b3-46b1-a96b-baa8e001cc8e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8649
x-amzn-requestid: f85f3c9d-95c1-4db6-af5f-595070fe46c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiRHzboAMFQCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-6eed72bf20887cac6dc1a56a;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z7HTSLYJmhfIGlCjeG2EeN3q2Cd9vKlq71nqo3iIuhwkgwlEAlRPmQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:51:02 GMT
age: 77519
etag: "816bd4c36ceea2c46489ae72fde0b4a94c7c4bef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8929 bytes)
Hash
d0c62c5956f36c9f1c5d2f17bc372d98
fca4d7140e4c391b02d734425ccc92acec568a70
eb1b743ede5ed223536358bd92a322ca5231267f4434be1eced98a0fe93b790d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda427d37-8d0b-44cf-ae98-f96ceaf21b52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8929
x-amzn-requestid: ea29dd36-d05b-4824-ba18-78f868259f76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f4oiQEeTIAMFqGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e02141-7a6ade1c4501a81c0823ce10;Sampled=0
x-amzn-remapped-date: Sun, 05 Feb 2023 21:36:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O-QHP886Cczm6dsVDQVMR7SMSxgIhUSuEPAKJvzQTQtkj59Pg-z9QA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 22:11:05 GMT
age: 76316
etag: "fca4d7140e4c391b02d734425ccc92acec568a70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

208.113.169.155

200 OK

4.2 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4204 bytes)
Hash
a65d5500f76589b8c41c6d1e8895c456
fc9b5b82c4a5c6973efcbca5f6ca01a5eb252a59
9cb0e5695834af1b05fa4e3699dc7be10857e491c8c511edb63ed7f337083d1d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4204
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1

208.113.169.155

200 OK

878 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1766)
Size
878 B (878 bytes)
Hash
b418f2c641fe326ca6c6d003986dafbb
ce0856e3d4eaab01e73cf6dafd450779969f2eb0
3cbc0916a8120a1282a2f04ee68743e5fe7fb5fce94173973556dd49185d58b4

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.appear.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "815-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 878
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687

208.113.169.155

200 OK

128 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text
Size
128 B (128 bytes)
Hash
baff31a7d2958fb097f14a94bdfb91d9
1874c24eb14734f1d53bbf9537138b255ce9bafb
ff16481ac07a6f863b71b29e7d8f08545e13a1165dad7909844df72cbdd2bdd3

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/css/style_dynamic_responsive.css?ver=1667250687 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 31 Oct 2022 21:11:27 GMT
etag: "112-5ec5b0cf33dc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 128
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2

208.113.169.155

200 OK

706 B

URL HTTP/2
www.bentleycm.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1464)
Size
706 B (706 bytes)
Hash
e26e2ba5d82da6211e981bf0e962fe00
ca7358efdb6852cfb78ec32383eaef15ac6cb61b
400f6ae8a00e7eabb07284d8cd8715579e9a3721fa463e508b5d40b83cde1447

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "5db-5dc2a2438e980-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 706
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1

208.113.169.155

200 OK

1.7 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (3447)
Size
1.7 kB (1665 bytes)
Hash
899ed05f203ea0c9d59a223e967a8c19
466d6ec7fd066b9dfab4f53886c570870335d2fc
82f600d494b20c35c5fe79fd6b8811701d40e9f00b86855713fadcceeb730643

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.plugin.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "120f-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1665
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1

208.113.169.155

200 OK

1.9 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.9 kB (1871 bytes)
Hash
8ca47f570cf96a73efe74e0a7cf70d27
fceeeffc9ed684d69eb2b2738b408ea238277850
576ff1dbc4db3d6adaaee5f0c052f14d29637a1aba9e1881b9cedc09632738ca

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.easing.1.3.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "15bd-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1871
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1

208.113.169.155

200 OK

1.3 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (3968), with no line terminators
Size
1.3 kB (1299 bytes)
Hash
5c4d9cef905f819a16341d7670486f4f
4601e0716220c86993765a3bb679ff9ebb3e9a01
59b10c37b34a3558334132fdab1256b466783e21eb5006b359a2802e923f4e4e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/brunn-core/shortcodes/pie-chart/assets/js/plugins/easypiechart.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:43 GMT
etag: "f80-5f29ab2d8eec0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1299
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1

208.113.169.155

200 OK

475 B

URL HTTP/2
www.bentleycm.com/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
HTML document, ASCII text, with very long lines (906), with no line terminators
Size
475 B (475 bytes)
Hash
c7aa8936938be0b65781455878aa2085
0066e0c5ed75b3ccd5bb01db5f373d995c217a29
a764eb4204428f671190ad2bc84bcbd86cd9a6bfd05a7ded46bceb651503c508

HTTP Headers

GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 20 Jan 2021 13:35:18 GMT
etag: "38a-5b955069f1180-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 475
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1

208.113.169.155

200 OK

930 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1913)
Size
930 B (930 bytes)
Hash
f811cef2e2204905362bbe097c4a4dbf
8c0d03d477b5fc761c02dc5d65bc0ce459f2d282
dacf00b06cc6fc5032c2477ea171c72af6382bf4c030e7c094e6ea06af18f11f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.waitforimages.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "7a7-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 930
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1

208.113.169.155

200 OK

635 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1075)
Size
635 B (635 bytes)
Hash
932ddac6336d94397b6c8d9b659ab1a7
6a218d500b2d8040856077f418be39e1d3d325a7
e7b2e77ac61017f725d8c16ac0c2361c11c8f5a77217739478cd64dfe137b73b

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/parallax.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "577-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 635
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2

208.113.169.155

200 OK

685 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with CRLF line terminators
Size
685 B (685 bytes)
Hash
8639d19c0be39197dcc34bc9e89676e4
10b16e16ce0c00bcf44a4506fdf3249ffae43b28
05ca53432b5cf02af7fa9f16ea53a3c0bc978cb8aaa580fa47fab88a1eeb4cd9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wpcf7-recaptcha/assets/js/wpcf7-recaptcha-controls.js?ver=1.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 06 Feb 2023 15:47:41 GMT
etag: "7d0-5f409f38ec686-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 685
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1

208.113.169.155

200 OK

627 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (1238)
Size
627 B (627 bytes)
Hash
ce58c055129c07f10f69e18be4bd92a5
07252dc31cae98092d6890fd2a6f7bf07d52f90d
b9febfcc3a4f16336ce64ca0c94327d9bdbaa29b5b2c3e15115f01c2d3a8b53a

HTTP Headers

GET /wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/absoluteCounter.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "4ed-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 627
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1

208.113.169.155

200 OK

440 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (884)
Size
440 B (440 bytes)
Hash
3d714416bc918e178ec12d3d2da0373e
3d23c0175598bb53bce5643bbd4ff5a024597e70
3654efe473e2ece6aeb16a46df48dd4191fc39f03ef70afd1d7ec067417a030b

HTTP Headers

GET /wp-content/plugins/brunn-core/shortcodes/counter/assets/js/plugins/counter.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "39c-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 440
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1

208.113.169.155

200 OK

7.7 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (35179)
Size
7.7 kB (7749 bytes)
Hash
52f8835b76f98687a4da73b408491217
9648a800432207496286f3f2a1511f2ed6a2bbd4
f5dbdce39a1406caa0c4a4d18409d11e32ca2efb69d5db46cd1db807a47cc42a

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "8a1f-5a368a88889c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 7749
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1

208.113.169.155

200 OK

1.6 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (3070)
Size
1.6 kB (1553 bytes)
Hash
463231a72241fe997d34e3cad780b421
ec03a4a7e86e610cd0c2dd1fb4b7b7a2016862c4
1bc746d2682ea8dd05abd2bb6678354e29bfa5366a6eb09c289586309a1559da

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/ScrollToPlugin.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "d7d-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1553
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2

208.113.169.155

200 OK

1.9 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (387)
Size
1.9 kB (1871 bytes)
Hash
107601582e6bd05be6d2996b78e68a66
fbb4c6873df5b6fbb234a7a350eda60f1ce0b464
9001145bfc6fc894f7dfac6bd112fb79911b64e274c8dbdc3e214d07b20c7e6d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/wpls-public.js?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:02 GMT
etag: "22f8-5f29b91b58b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 1871
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/gtranslate/flags/16/en.png

208.113.169.155

200 OK

707 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/gtranslate/flags/16/en.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
707 B (707 bytes)
Hash
e4896565595fc22e344fd619c0ed15bb
43d4481a4cc3e60b406b2467b5f7e576fcbae260
c3a4cb8f32ef0cd89e6429d40d1faebd359e02e34d69764052c8402a391e9a00

HTTP Headers

GET /wp-content/plugins/gtranslate/flags/16/en.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:35:59 GMT
etag: "2c3-5f29b7fa621c0"
accept-ranges: bytes
content-length: 707
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1

208.113.169.155

200 OK

2.8 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Unicode text, UTF-8 text, with very long lines (8863)
Size
2.8 kB (2761 bytes)
Hash
baa2ca938b1e7ff518bddc2d7ac17f26
813c86d75341dfab55361d7fdfe4e4725d6de7f2
c0ca94622c9b0e13df845f2aed2a6b36faed813d46c5e3a263abf32904489f84

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.waypoints.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "2349-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2761
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1

208.113.169.155

200 OK

2.6 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (5412)
Size
2.6 kB (2620 bytes)
Hash
8bbc40a7f83775a360d40c04497798fe
3227610e0c8b8fe13bc3fa17086b95c3f1582a88
86e3097e0f6c77448c1bba7de54f3e5977b0b3d270b51cf0e0d77ca634a4f1fc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/brunn-core/shortcodes/custom-font/assets/js/plugins/typed.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "19ab-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 2620
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3

208.113.169.155

200 OK

3.1 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (10565), with no line terminators
Size
3.1 kB (3060 bytes)
Hash
c42d2b93b37382662b44400e2513fe25
f80281b70ea02b8bbfefb8c7cd4690be355848be
5573be5d09a976c15728ec50bc9ec54f059ecf9c0aee9d6a78eed37f25ad559b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.3 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Wed, 01 Feb 2023 16:21:42 GMT
etag: "2945-5f3a5d8002dbe-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 3060
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

208.113.169.155

200 OK

5.1 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (15660)
Size
5.1 kB (5085 bytes)
Hash
3971154f76bf26e704b4910111d124ba
60dfcafe9593005b92cd0ce40f429b241ae3b287
549584b85b7433e767b71e774e5fcef37c40c19169e3979597b6ab7f8314b3c4

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
etag: "48b9-5dc6eb878efc0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5085
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1

208.113.169.155

200 OK

4.2 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (13554)
Size
4.2 kB (4151 bytes)
Hash
ec0be935de302f38e53898eb38296c75
515369ee561f7cb8bd8dd2c3de04ded548f0879e
ece6df370c3e185108df6e7d845641acd59012b5b9abe110ecee5f1423526015

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/packery-mode.pkgd.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "3538-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4151
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2

208.113.169.155

200 OK

4.0 kB

URL HTTP/2
www.bentleycm.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (11760)
Size
4.0 kB (3962 bytes)
Hash
ceadb732f7c2ec419c755d1f5119081c
5a591d21426f632c823bbdfed63f03bcadf71cf2
eac6a6f98635b66add190745fd7d378fe8f4c506d813c06bc281c449496169e8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 18:04:09 GMT
etag: "2ea1-5e90b89c73840-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 3962
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1

208.113.169.155

200 OK

4.5 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (13345)
Size
4.5 kB (4534 bytes)
Hash
b89524b964eff3dffd05f33daf636613
8c6221f40ff585204f67858ddb9498e8db030e57
3fbaeaebad0ee08f4efcba15c45987d75a977c99c4dbeba52aea216459074224

HTTP Headers

GET /wp-content/plugins/brunn-core/shortcodes/countdown/assets/js/plugins/jquery.countdown.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:38:41 GMT
etag: "3525-5f29ab2ba6a40-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 4534
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/05.png

208.113.169.155

200 OK

8.3 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/05.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 167 x 69, 8-bit/color RGBA, non-interlaced\012- data
Size
8.3 kB (8292 bytes)
Hash
a3d57a9b02674abe8cb24edbaf94de98
c60218b964f35e9ca2d7f84d9f8fab206ddfc192
8c68fc038c8e78c101239c81f7a4ff3480aa17c34eb2cf20d7dbb040b79c4ec9

HTTP Headers

GET /wp-content/uploads/2020/02/05.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "2064-5a368bccc86c0"
accept-ranges: bytes
content-length: 8292
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1

208.113.169.155

200 OK

5.4 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (17959)
Size
5.4 kB (5407 bytes)
Hash
8ae09fe7c5e3be6dd4e2fc04439d05b0
76e92678436779cb56d8575de6c19bec63b7921d
26592a762b25c55948b29a0533751c13544d7f76f6f7ad389df99bcde7a2e09f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/perfect-scrollbar.jquery.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "4672-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5407
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/02.gif

208.113.169.155

200 OK

12 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/02.gif
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
GIF image data, version 89a, 255 x 137\012- data
Size
12 kB (12461 bytes)
Hash
8d3f65ff77b0ebadd2242b08f147135d
7119967da6baffbb3d4b990aa86adf3b32ae95f6
2b9d917493f6e30eb4b10f267af628c7d1b0bf7b000aad0bc1b2274967324e6c

HTTP Headers

GET /wp-content/uploads/2020/02/02.gif HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:52:02 GMT
etag: "30ad-5a368bcbd4480"
accept-ranges: bytes
content-length: 12461
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/gif
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5

208.113.169.155

200 OK

5.8 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (20382)
Size
5.8 kB (5845 bytes)
Hash
f5bd8afe58e322fa09842173e8f63f0c
6c1b1f4dbfa966e4565c2a897a2d270a8b0c3a09
f0bc2d6b525cc8f82420708f40d73b327c626752cdbeffc79e965995070a6284

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:52 GMT
etag: "5079-5f29ab6f5ca00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5845
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1

208.113.169.155

200 OK

6.0 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
HTML document, ASCII text, with very long lines (13826)
Size
6.0 kB (5988 bytes)
Hash
552ad5e8987fe5ebc60ab3bd6dc1eb41
15796d771f4b0e80642d77a8cd84c6ffaa3a2ad4
bda54a0211a5176d4512fa941093753fe065aed8baffa3d8fd3636dfddeddb73

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/modernizr.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "380e-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 5988
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5

208.113.169.155

200 OK

10 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (32004)
Size
10 kB (10116 bytes)
Hash
b2dc5c223df265e5d597c2c78e6e19e4
0dcf070489abcf0977eddfabbfc29619e9549c4a
674b4bff61bcef4b40e6c97c01b5ac646bdb15773d3916a8b0854fc4d6774315

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/isotope/dist/isotope.pkgd.min.js?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:40:00 GMT
etag: "8b8a-5f29ab76fdc00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 10116
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/04.png

208.113.169.155

200 OK

23 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/04.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 179 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
23 kB (22776 bytes)
Hash
e4fe14c1651c896325421a460ff449fe
d7d0716856751486dcd87f0866abc2c0d930d24f
fd67ada31dd18a18fb9c6722d254fc92ac71256dfbf56b413e2fe535519a2553

HTTP Headers

GET /wp-content/uploads/2020/02/04.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "58f8-5a368bccc86c0"
accept-ranges: bytes
content-length: 22776
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2

208.113.169.155

200 OK

10 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (40587), with CR line terminators
Size
10 kB (10099 bytes)
Hash
777ba884080725a2ca1db84dc4ff1c39
11af31931f387e31cffb28e485c50d1e27942fd2
ee63ffddea696bd5e1b421ce9dd57b2316c0295828a51c7496b82be43356bd37

HTTP Headers

GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/js/slick.min.js?ver=3.2.2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:02 GMT
etag: "a05d-5f29b91b58b80-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 10099
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1

208.113.169.155

200 OK

12 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
ASCII text, with very long lines (31997)
Size
12 kB (11647 bytes)
Hash
18afff6d50b491b177c2e2c28c50c509
2111c4bb55bf5ca02a966efc8cda4582169fdf4a
9a42f64a869a53a8534eba0b543d13bdb9c9d2cf480cdc92046cd122dc800142

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/owl.carousel.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "ad37-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 11647
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/01.png

208.113.169.155

200 OK

37 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/01.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 180 x 180, 8-bit/color RGB, non-interlaced\012- data
Size
37 kB (37109 bytes)
Hash
3083b6fc3fa05a97ea01adc0971255c7
42dbdad37d25613e35a8f2dd519177e428e197dd
d7884e322a2221db9b79ea9149b7b2040c41b404890bf1f0a89748c44eb0408f

HTTP Headers

GET /wp-content/uploads/2020/02/01.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:02 GMT
etag: "90f5-5a368bcbd4480"
accept-ranges: bytes
content-length: 37109
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/04/Bentley_last-1.png

208.113.169.155

200 OK

69 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/04/Bentley_last-1.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 950 x 196, 8-bit/color RGBA, non-interlaced\012- data
Size
69 kB (69165 bytes)
Hash
c73bf960b2223abe271ef74c27b8aa2f
b6e75c092454f6345cd7d359a10a8e4f19f7b6fd
28970631a8802f14a53ada1629e4772dfc2c759d8adbc0478237cb7ef6f1da10

HTTP Headers

GET /wp-content/uploads/2020/04/Bentley_last-1.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Fri, 17 Apr 2020 18:54:26 GMT
etag: "10e2d-5a381140c1c80"
accept-ranges: bytes
content-length: 69165
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1

208.113.169.155

200 OK

20 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
data
Size
20 kB (19783 bytes)
Hash
85343bebbc531bb09c602284f92a6661
8b020258569fec9351b728ebb4405c7c0d08ecd4
f2e680edff2af75e36d47d170c32f8a16acf87cfc3b83590e6a5952474d2d195

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "139d8-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css

142.250.74.35

200 OK

4.3 kB

URL HTTP/2
www.gstatic.com/_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (23413), with no line terminators
Size
4.3 kB (4259 bytes)
Hash
c41e5d33c01691d96d76486b1544004b
20b040a572de3003c9977df33e2d631efb9cb68c
f063d4dbe944940b190b4da3716cc71fca549b9fd46d4b30ecf8e0c4a651593c

HTTP Headers

GET /_/translate_http/_/ss/k=translate_http.tr.iCxGNTE3Tqc.L.F4.O/d=0/rs=AN8SPfqhvHUlOSBSG-4xrkKOTAVZqlAYTA/m=el_main_css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 4259
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 18:28:28 GMT
expires: Fri, 02 Feb 2024 18:28:28 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 01 Feb 2023 06:11:41 GMT
content-type: text/css; charset=UTF-8
age: 348874
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.227

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 07:08:09 GMT
expires: Sat, 03 Feb 2024 07:08:09 GMT
cache-control: public, max-age=31536000
age: 303293
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0a8ea253ef61b5c330b3285f9a94e6ae
0cf9a1c66c83f505c7195774996b107c145f5884
8b6bca0cd9c9adcb16bba03349e8fcbfcd645719c82c95f0111095b731842402

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Feb 2023 19:23:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 20028, version 1.0\012- data
Size
20 kB (20028 bytes)
Hash
2bfde17b9a1384ce64af78db1b87a82f
8effd23e482511e249c3f8e91cdc503729b93598
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

HTTP Headers

GET /s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 10:06:16 GMT
expires: Mon, 05 Feb 2024 10:06:16 GMT
cache-control: public, max-age=31536000
age: 119806
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff

208.113.169.155

200 OK

64 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Web Open Font Format, CFF, length 63664, version 1.0\012- data
Size
64 kB (63664 bytes)
Hash
fdd9e757bf61675343dcf55100422b84
f9be87fa2d1d4a95e8305afb51778db4bc759fbc
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/fonts/ElegantIcons.woff HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/elegant-icons/style.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "f8b0-5a368a88889c0"
accept-ranges: bytes
content-length: 63664
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
content-type: application/font-woff
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2

208.113.169.155

200 OK

40 kB

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
Web Open Font Format (Version 2), TrueType, length 40244, version 1.0\012- data
Size
40 kB (40244 bytes)
Hash
64f88ebe25c54a12320f42f0b229961b
d819bead49948f3f349b64b5bb4322622ebdd9b2
ececd30b13956872441d17b03b9de4c032b5983f0932051e763a0a6d0250842b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/themes/brunn/framework/lib/icons-pack/font-awesome/css/fontawesome-all.min.css?ver=6.1.1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:46:23 GMT
etag: "9d34-5a368a88889c0"
accept-ranges: bytes
content-length: 40244
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/gtranslate/arrow_down.png

208.113.169.155

200 OK

208 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/gtranslate/arrow_down.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 5 x 3, 8-bit/color RGBA, non-interlaced\012- data
Size
208 B (208 bytes)
Hash
20a650477130c7c2c62c5647131f545b
4615101fcc5df1fab3e7dd516d058e1052a8fcb2
068f35dd132804c7effcbca65f9398d34351339ed2fa7b20ef5e9a6221e76516

HTTP Headers

GET /wp-content/plugins/gtranslate/arrow_down.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:35:59 GMT
etag: "d0-5f29b7fa621c0"
accept-ranges: bytes
content-length: 208
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/gtranslate/switcher.png

208.113.169.155

200 OK

207 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/gtranslate/switcher.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 10 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
207 B (207 bytes)
Hash
d6ae4f341752017ab0e603e3bb9260b7
c84c11d3bc69c7e14b2f75e7dea6e0ac93dee1e2
8c2ad9254589a597b65dae284a6da49dbfe1e3c8e628b03b80883d980fb6435e

HTTP Headers

GET /wp-content/plugins/gtranslate/switcher.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 19 Jan 2023 10:36:03 GMT
etag: "cf-5f29b7fe32ac0"
accept-ranges: bytes
content-length: 207
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg

208.113.169.155

200 OK

48 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=17], baseline, precision 8, 414x275, components 3\012- data
Size
48 kB (48082 bytes)
Hash
cfe970e84b9c21d8039410ecae8d59ca
32a0b58c7497e4cfef82d035bb403f5e0703ac75
714e4c3cc218b913c72d3051f311202c7745d2ede32b6d508969d0027ec7c0f0

HTTP Headers

GET /wp-content/uploads/2020/04/Fantastic-island-000049411402_Large-600x450-1.jpg HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 15:51:44 GMT
etag: "bbd2-5a36a68d1e400"
accept-ranges: bytes
content-length: 48082
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif

208.113.169.155

200 OK

4.2 kB

URL HTTP/2
www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
GIF image data, version 89a, 32 x 32\012- data
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

HTTP Headers

GET /wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/images/ajax-loader.gif HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/wp-content/plugins/wp-logo-showcase-responsive-slider-slider/assets/css/slick.css?ver=3.2.2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 19 Jan 2023 10:41:01 GMT
etag: "1052-5f29b91a64940"
accept-ranges: bytes
content-length: 4178
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/gif
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 540836
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 22:02:00 GMT
expires: Mon, 05 Feb 2024 22:02:00 GMT
cache-control: public, max-age=31536000
age: 76862
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

216.58.207.227

200 OK

20 kB

URL HTTP/2
fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 19740, version 1.0\012- data
Size
20 kB (19740 bytes)
Hash
101cf2a65d64322878605fa8472bb025
6dffc15e38c321e4bb567b4bd8107a2e8d97c61d
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

HTTP Headers

GET /s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bentleycm.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 05 Feb 2023 16:03:02 GMT
expires: Mon, 05 Feb 2024 16:03:02 GMT
cache-control: public, max-age=31536000
age: 98400
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

142.250.74.142

200 OK

104 kB

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP
142.250.74.142:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2385)
Size
104 kB (103723 bytes)
Hash
7ee182e6c7fc1db0addf7db0a38cfa23
d5db576be30113e690ff82d0f1ce596c20c8d124
5e84a61fcb091e63a9e2c2d80b6d17d5eadefab9ba127656ea14e990c6bc55c3

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 06 Feb 2023 19:23:01 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+152; expires=Wed, 05-Feb-2025 19:23:00 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png

208.113.169.155

200 OK

18 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Size
18 kB (17761 bytes)
Hash
db01fb321dee717744bd63d0f8b76080
0db8c543def2014853d099cc756c03eab3837415
83c3788c6a9f1357dd5409ddd95b96fbc27f4c2553e6745af30be54548a5e824

HTTP Headers

GET /wp-content/uploads/2020/04/cropped-Screenshot_58-1-180x180-1-150x150.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 19:11:44 GMT
etag: "4561-5a36d34135c00"
accept-ranges: bytes
content-length: 17761
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:02 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/mortgages_with_overlay.jpg

208.113.169.155

200 OK

27 kB

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/mortgages_with_overlay.jpg
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type
PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size
27 kB (26660 bytes)
Hash
b5e29c994294566617bf675a2727cd60
c5969e350469385f91871caff452b12b546c9db4
c61aa2dd61eb30fc712c5444f9a528ae2ca16ee697f7e4e2ad47fffdb718d35c

HTTP Headers

GET /wp-content/uploads/2020/02/mortgages_with_overlay.jpg HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent
last-modified: Thu, 16 Apr 2020 13:52:01 GMT
etag: "47dcb-5a368bcae0240"
accept-ranges: bytes
content-length: 294347
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/jpeg
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9779 bytes)
Hash
352e4166a431e781e56cc7f169c7f8ca
866b76c34076cf2e18c6a071336fcf4f581f3c4d
75ba13b601f4b00c5b091eb29e7f6739ffee3e127bd6d3c4b35cc967bb6d354a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d1adf44-5bff-4d36-99c4-8dd0dc2e5ac2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 9779
x-amzn-requestid: 101b984b-9c04-4d07-b1fe-3d888f4bcd49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ftcNRFV_oAMF2_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dba721-72679ba0378015034e17b8ca;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 12:05:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FRZf4nkQyttwihy5BBbuHzT9lYQvBPqcOTdT5esu46vqMTvXAi5aQw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 21:57:24 GMT
age: 77144
etag: "866b76c34076cf2e18c6a071336fcf4f581f3c4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat%3A300%2C400%2C500%2C600%2C700%2C800%7CMerriweather%3A300%2C400%2C500%2C600%2C700%2C800&subset=latin-ext&ver=1.0.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 19:23:00 GMT
date: Mon, 06 Feb 2023 19:23:00 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/brunn/assets/css/modules.min.css?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:00 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "79c1e-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:00 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "43767-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400

142.250.74.74

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Montserrat:700%2C500%7CRoboto:400%2C700%7CMerriweather:300%2C400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 06 Feb 2023 19:23:00 GMT
date: Mon, 06 Feb 2023 19:23:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 29 Sep 2022 14:21:11 GMT
etag: "26935-5e9d196cce3c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
etag: "15e54-5e9085b47de00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-json/contact-form-7/v1/contact-forms/6971/feedback/schema HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, */*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.bentleycm.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:02 GMT
server: Apache
x-robots-tag: noindex
link: <https://www.bentleycm.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow: GET
vary: Origin,IS_SUBREQ,User-Agent
cache-control: max-age=172800
expires: Wed, 08 Feb 2023 19:23:02 GMT
content-type: application/json; charset=UTF-8
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/swiper.min.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "1d657-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/brunn/assets/js/modules/plugins/jquery.prettyPhoto.js?ver=6.1.1 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 16 Apr 2020 13:46:20 GMT
etag: "56d0-5a368a85ac300-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-length: 6047
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:32 GMT
etag: "24ca1-5f29ab5c49d00-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: application/javascript
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/uploads/2020/02/03.png

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/uploads/2020/02/03.png
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2020/02/03.png HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,User-Agent,Accept-Encoding
last-modified: Thu, 16 Apr 2020 13:52:03 GMT
etag: "4503-5a368bccc86c0"
accept-ranges: bytes
content-length: 17667
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-type: image/png
X-Firefox-Spdy: h2

www.bentleycm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5

208.113.169.155

200 OK

0 B

URL HTTP/2
www.bentleycm.com/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5
IP
208.113.169.155:0
ASN
#26347 DREAMHOST-AS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.0.5 HTTP/1.1
Host: www.bentleycm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bentleycm.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 06 Feb 2023 19:23:01 GMT
server: Apache
vary: IS_SUBREQ,Accept-Encoding,User-Agent
last-modified: Thu, 19 Jan 2023 09:39:51 GMT
etag: "765f9-5f29ab6e687c0-gzip"
accept-ranges: bytes
cache-control: max-age=2592000
expires: Wed, 08 Mar 2023 19:23:01 GMT
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (63)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML