r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10647
Expires: Sun, 05 Mar 2023 17:13:48 GMT
Date: Sun, 05 Mar 2023 14:16:21 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash edf4102b9efce8261382541ecd721da5
23a30610ea113c9f93b0ce302ce3df010bd56f05
88c132ab9697f01e979e74208e0ae12ec410c26b7a79f0cead4f9c8f86d12fda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88C132AB9697F01E979E74208E0AE12EC410C26B7A79F0CEAD4F9C8F86D12FDA"
Last-Modified: Sat, 04 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7611
Expires: Sun, 05 Mar 2023 16:23:12 GMT
Date: Sun, 05 Mar 2023 14:16:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Mar 2023 14:08:33 GMT
content-type: application/json
age: 468
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15581
Expires: Sun, 05 Mar 2023 18:36:02 GMT
Date: Sun, 05 Mar 2023 14:16:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0zedQeV6QHPbS041XrTy5P+d/81U+WmllpX8/TluR3HyaqSIDECw6/HCoDbGApE7GV5PZdxpiWQ=
x-amz-request-id: ZVYBEMNDSB7KM6CV
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Mar 2023 13:16:43 GMT
age: 3578
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Mar 2023 14:16:21 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bnt-soft.com/document/miLogin
200 OK 16 kB URL HTTP/1.1 bnt-soft.com/document/miLogin
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 9e73989c877909f81e7e69c3263ac3cd
c58ece9d994ea0f0401b061b0d319c110a87fdb8
5ebaf020f056b8777153c46abc83a08f61afb0ee5c8a4af574fee56cb60d18bc
Analyzer Verdict Alert fortinet Phishing
GET /document/miLogin HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:21 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 15685
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
X-Server-Cache: true
X-Proxy-Cache: MISS
bnt-soft.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.3.3
200 OK 5.6 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.3.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (18821), with no line terminators
Hash 50ba0c9e94a556da1b6c6f9164c3e748
fec4e62d0b4d6d054dfc7bf4fc8e2b29ec67982a
104c8032dd58c2ddafc88e8126098b05e240c0ab29c8f1bdc24e5076a0dfe094
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.3.3 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 09:56:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5600
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 31ea98a505fba9fc9bfaead5eefc8135
25ca3b13f16687c34db17af4ce537b7abf4a3407
95b047f7de8bc7d5e5ff0d827abe39a6da4292319133c35fd7348c0efb9076ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Mar 2023 14:03:39 GMT
age: 763
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
bnt-soft.com/wp-content/plugins/bb_header_builder//assets/libs/font-awesome/css/font-awesome.min.css?ver=6.1.1
200 OK 7.1 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/bb_header_builder//assets/libs/font-awesome/css/font-awesome.min.css?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (30837), with CRLF line terminators
Hash 132393cbbd112512206aa3c468a210ee
7c0a904b30a100e744fa0dce8a5e47079810a4c3
fe7806c8283bc20c74e50713d63b477299130d05d9b0e2391ad5d307f5eb2292
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb_header_builder//assets/libs/font-awesome/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 17 Aug 2022 05:19:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7119
Content-Type: text/css
bnt-soft.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
200 OK 18 kB URL HTTP/1.1 bnt-soft.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (47826)
Hash 9415c9562591af7a582c29139621505f
0b12eecf36a48b871a3198550f4f65bb4a6d9b1b
06c70d3232c2ae3ed2aa259eb7a1beb329b654926813935fffa8902cd5ebaa4a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 15 Nov 2022 23:38:34 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
bnt-soft.com/wp-content/plugins/bb_header_builder//assets/css/bbhb.css?ver=1.7.5
200 OK 6.7 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/bb_header_builder//assets/css/bbhb.css?ver=1.7.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (935), with CRLF line terminators
Hash 2e669eb146bb2e397245f10c4537be66
d4f24d231d99b8dd5dd6c2fb0d42ce9365f6ad4c
4420db26c7b2e0dec4c45864edbe45764285b68f82e92310ade7239582ba0fcf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb_header_builder//assets/css/bbhb.css?ver=1.7.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 17 Aug 2022 05:19:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6653
Content-Type: text/css
www.googletagmanager.com/gtag/js?id=G-DGHQVW1MZ2
200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-DGHQVW1MZ2
IP
File type ASCII text, with very long lines (21849)
Hash e453faed91b7da6cb67adb5c016ab721
04e6a5f81f11b8a51b59649f8b2da0cb5503bd33
e944df52f4ebfa971cf5b8c67d3fee1537bb33a02e205f311e9d3e9c00ab0b2a
GET /gtag/js?id=G-DGHQVW1MZ2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Mar 2023 14:16:22 GMT
expires: Sun, 05 Mar 2023 14:16:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78724
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bnt-soft.com/wp-content/plugins/bb_header_builder/bestbugcore//assets/css/style.css?ver=1.4.6
200 OK 214 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/bb_header_builder/bestbugcore//assets/css/style.css?ver=1.4.6
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type assembler source, ASCII text, with CRLF line terminators
Hash a475b0c7e6f334308c291ebe9a93d23b
ceaea0325c56c0a73a2f05350d5631d7d02fcf82
089765bab08afca3879851a9673cbf13f149d093571f6a14aede05d5e1a00c92
GET /wp-content/plugins/bb_header_builder/bestbugcore//assets/css/style.css?ver=1.4.6 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 17 Aug 2022 05:19:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 214
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/style.css?ver=1.1.5
200 OK 327 B URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/style.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 6062a21b4b9166d16daa17ef1e7b1ae0
81ca61f59ffdba35a28d7d792fea5da5e88bb279
0f23265d56dc91720a4a1c5f83dee8ce95cdcfb026b73f2f86566f20e2d8b477
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/style.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 327
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/bootstrap.css?ver=1.1.5
200 OK 30 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/bootstrap.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (540)
Hash e8afc5d877271d689b867bbef5078d5d
b295aa96f498fb1a391011a6c566313a9af012a9
6dc1d4a3a5152fa1e87d4373264af6456d4ff49c5b112373153686bb03e8f478
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/css/bootstrap.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/fontawesome.min.css?ver=1.1.5
200 OK 12 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/fontawesome.min.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (54872)
Hash 52d8524358d048bc78bf327e0d98c522
17abdadb7af819efdfabe5f5c046edb9e6fa440e
c902bae4b50ddb246649baf01a6d4db2ff65c4bb84433eac7d3cb09a66231838
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/css/fontawesome.min.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12017
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/flaticon.css?ver=1.1.5
200 OK 2.7 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/flaticon.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 680617bfdcd1e58b39f70b019af89c34
b797fe38b54c60a9984b36b494f4ac876df4517a
55cefc2a369cca45dfd0b417a4f438ac6d6cb36d56c06a672bd39abc7c5dc8c9
GET /wp-content/themes/andaman/assets/css/flaticon.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2691
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/owl.carousel.css?ver=1.1.5
200 OK 1.5 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/owl.carousel.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (387)
Hash e96c9d82e63fcd54a289bace32006aa8
555c466609b7b08693342a4636a5339b5224a5dd
c3ff0a109da3fc65381d0b334f93e74e0e8082c42d17a66ce0dc542b9802d0cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/css/owl.carousel.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1462
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/swipebox.css?ver=1.1.5
200 OK 1.7 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/swipebox.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 03ac4ccdc208ef396b426163dfe1589b
9b4530ea65905bb5b72b3fb11d1161ae79d5c560
ddd3a6fdf2f170b62c0e9717ec1a3b332ff1098fb2cbed4373b40dfe3752220c
GET /wp-content/themes/andaman/assets/css/swipebox.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1685
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6da779acb12dfc1041cbaf3a5c1f5ff3
4f1749a2339a8af009b5b02bb427071ef06bd5f3
45407bbfb8b7ec7d6459716c907161aca7f563ecbff0812b2687e00181c1b425
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bnt-soft.com/wp-content/themes/andaman/assets/css/theme-style.css?ver=1.1.5
200 OK 34 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/theme-style.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash fd674652c9a54daa74450c51a47151aa
b11b3836822cc13453650adf8d618a4577fd6819
8efa2215f4987d711f33f214550f25aaa5253a3942eb474a31542a90ec045b73
GET /wp-content/themes/andaman/assets/css/theme-style.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 31ea98a505fba9fc9bfaead5eefc8135
25ca3b13f16687c34db17af4ce537b7abf4a3407
95b047f7de8bc7d5e5ff0d827abe39a6da4292319133c35fd7348c0efb9076ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e44d064b81b73efe46cc420f8ae34410
229b99f9754fdce4f543513a0942ba63f67dc057
69b84b87493304be0456180f60ddf01f51a96fffa86fe8dddc8dd920fb262f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69B84B87493304BE0456180F60DDF01F51A96FFFA86FE8DDDC8DD920FB262F06"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15670
Expires: Sun, 05 Mar 2023 18:37:32 GMT
Date: Sun, 05 Mar 2023 14:16:22 GMT
Connection: keep-alive
bnt-soft.com/wp-content/themes/andaman/assets/css/woocommerce.css?ver=1.1.5
200 OK 11 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/woocommerce.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2e5ae60b21de4825d8d1ccb44c1c6c9b
153ae85c7610cad99d2b621c83bbe9b4cce9dbcf
030f8ceaba0b98793f5bddcd97918560418aae43efd63e19114a2b6d2e1042d5
GET /wp-content/themes/andaman/assets/css/woocommerce.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10965
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/animate.css?ver=1.1.5
200 OK 4.7 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/animate.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 34060d811473bcb0ab62b9ea543b2fd9
bb08df1cc81c7137f804cfbe03eba1db0e9ae7fc
81a34b56d470fdb95ec2c4d5a87d92a40c10c1ff5ecc0b3fc9eea8d12906bcb0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/css/animate.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4716
Content-Type: text/css
bnt-soft.com/wp-content/themes/andaman/assets/css/responsive.css?ver=1.1.5
200 OK 3.1 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/css/responsive.css?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 39a28b98095480d4407a622b227ef2f1
47c9c4fe8dfa33db699c1ee463e6de8556f7a081
867a01bd89df2a57c639f917b2c3c706ac08202529ec2718c3515f969bb11899
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/css/responsive.css?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3088
Content-Type: text/css
bnt-soft.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11
200 OK 4.6 kB URL HTTP/1.1 bnt-soft.com/wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27639), with no line terminators
Hash a74d8a9e6361e6170342143743d34e52
033d08f24f8768a1d7cd92ba1d049a011bb585eb
c55a939cb1bad24f59b12c0533db6a87fecaede91efe8d6e285ae44dbb7990d5
GET /wp-content/uploads/smile_fonts/Defaults/Defaults.css?ver=3.19.11 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:26:05 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4644
Content-Type: text/css
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 14b33aa7e4d63a6e4528f62b79b2a915
be171defccc5730d3e7d0a3ddd42c8f41fa0fc36
c0d98a420e72c9438847d96acd4c8050355d13f2a3aad4f254aa0c511aa1eeda
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0D98A420E72C9438847D96ACD4C8050355D13F2A3AAD4F254AA0C511AA1EEDA"
Last-Modified: Sun, 05 Mar 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=243
Expires: Sun, 05 Mar 2023 14:20:25 GMT
Date: Sun, 05 Mar 2023 14:16:22 GMT
Connection: keep-alive
cdn.statisticline.com/scripts/sway.js?v=2
200 OK 1.5 kB URL HTTP/1.1 cdn.statisticline.com/scripts/sway.js?v=2
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (1540), with no line terminators
Hash 7853431469ad111b9b18bd55002b7c26
33f10256fa9fdefb631fedf649ca11b12e885656
09d9be01c21f386d0a1a9cb8856e43abb89db221cd0c6aa8737ee91d98acb30e
GET /scripts/sway.js?v=2 HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:22 GMT
Content-Type: application/javascript
Content-Length: 1540
Last-Modified: Mon, 27 Feb 2023 11:08:51 GMT
Connection: keep-alive
ETag: "63fc8f43-604"
Expires: Wed, 15 Mar 2023 14:16:22 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: p9EaSsGmFevTvfGZW9302A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IXGfLm1dgL/CwgQW/UuNHHDOjtE=
bnt-soft.com/wp-content/plugins/google-analytics-premium/assets/js/frontend.min.js?ver=7.3.1
200 OK 2.9 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/google-analytics-premium/assets/js/frontend.min.js?ver=7.3.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1125)
Hash f6aa8cf27bfa2044789cf62b1d4cd059
a66777ed0c4c38bbbb9bc429d144fac61e1918d6
3b47be217e9717db6742b33e83072ccfab9b23cb611c0d0a88ccf62a454f5676
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-analytics-premium/assets/js/frontend.min.js?ver=7.3.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:41 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2897
Content-Type: application/javascript
bnt-soft.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.6 kB URL HTTP/1.1 bnt-soft.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 14:36:06 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4618
Content-Type: application/javascript
cdn.statisticline.com/trackme
200 OK 888 B URL HTTP/1.1 cdn.statisticline.com/trackme
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (2060), with no line terminators
Hash f932dd4025709f3c0eca9dbae2e25b9e
be53ed4be86a4ba5e06f243d159f3584aef4b30f
1886a01430d32c4fdd8a99f0e1df4f72c2a01262e0c906470162205fe7f2071d
GET /trackme HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:22 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 888
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa2n8lkg; expires=Wed, 05 Apr 2023 14:16:22 GMT; path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0XCI6MTY3ODAyNTc4Mn0sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2NzgwMjU3ODJ9LFwidGltZVwiOjE2NzgwMjU3ODJ9In0.QfbOp4yF9845qq6h3Xx3EFbC-saPuGJc5MbExGBZmxQ; expires=Fri, 08 May 2076 04:32:44 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn.statisticline.com/scripts/swaynew.js
200 OK 1.6 kB URL HTTP/1.1 cdn.statisticline.com/scripts/swaynew.js
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (4210), with no line terminators
Hash 87952e513016cd59f1b60185f4cb7c21
7f512d3f562880962954efeab1742385f033558f
a98407a402f6e27d73a1c61c64e9fb8df9f07155850aa7d3d657d66f467e8ead
GET /scripts/swaynew.js HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:23 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Mar 2023 12:58:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63ff4c0d-1072"
Expires: Wed, 15 Mar 2023 14:16:23 GMT
Cache-Control: max-age=864000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
bnt-soft.com/wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8.1
200 OK 47 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1218), with CRLF, LF line terminators
Hash e23f8835c436b1ffdd340a1982d4f2e7
9ad056608b9fb460646642d48b25dea19da0b5a8
08f15ec8571efeb7c7bd5765648d240c9cbb21a3145b92134891a57452aec241
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mpc-massive/assets/css/mpc-styles.css?ver=2.4.8.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: text/css
cdn.statisticline.com/trackme
200 OK 888 B URL HTTP/1.1 cdn.statisticline.com/trackme
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (2060), with no line terminators
Hash f932dd4025709f3c0eca9dbae2e25b9e
be53ed4be86a4ba5e06f243d159f3584aef4b30f
1886a01430d32c4fdd8a99f0e1df4f72c2a01262e0c906470162205fe7f2071d
GET /trackme HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 888
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa2n8lkm; expires=Wed, 05 Apr 2023 14:16:23 GMT; path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0XCI6MTY3ODAyNTc4M30sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2NzgwMjU3ODN9LFwidGltZVwiOjE2NzgwMjU3ODN9In0.gWrDOLqQVrLeoPJh_mYBdF5jRdFw4KWxxdrl88qp9qk; expires=Fri, 08 May 2076 04:32:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
bnt-soft.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
409 Conflict 83 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 409 Conflict
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bnt-soft.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
409 Conflict 83 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 409 Conflict
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bnt-soft.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
200 OK 40 kB URL HTTP/1.1 bnt-soft.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (64357)
Hash 7991ccef9272c709de8cd7ff808a677f
8ba599b8b881dca81c80605125139b16706989c3
8b83acbf461d4371d31f7a5bbc5449e88b4a20014a291574161ab30832f4ba2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Mon, 27 Feb 2023 13:10:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.17
200 OK 17 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.17
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash 90f6e8c5ab06c4a84e891273fe408f11
e179dd1d69a298813e510bbee6ad7ada54c784f6
dae65be78c71939b66b3158a05d4738fb42424239e06c99d4464183888c1cfea
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.17 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:22 GMT
Server: Apache
Last-Modified: Wed, 02 Mar 2022 06:07:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:22 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 16638
Content-Type: text/css
bnt-soft.com/wp-includes/css/classic-themes.min.css?ver=1
200 OK 189 B URL HTTP/1.1 bnt-soft.com/wp-includes/css/classic-themes.min.css?ver=1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 10:00:50 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 189
Content-Type: text/css
bnt-soft.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
409 Conflict 83 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 409 Conflict
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bnt-soft.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
200 OK 5.7 kB URL HTTP/1.1 bnt-soft.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (15660)
Hash 89d1addab2794c0eb3ff855e59cbfa4a
739c62788ca74a3ade5421b5fb4645d28ce300f9
19e71ffcf548fe1af0916ef44f68966d1ec9a9471c6eb0800d4bc98f93b111d0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Mon, 27 Feb 2023 13:10:08 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5660
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
200 OK 8.0 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (25961)
Hash 134b49733fa7c96f3b10d6990ba1e03a
c1c2a4e608a5c021bbaddaee96279e56d766f08f
f620302f7ce1997e1bf91346419bf9825068c314f79d47fec98be238b6646b71
GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 8047
Content-Type: application/javascript
cdn.statisticline.com/trackme
200 OK 888 B URL HTTP/1.1 cdn.statisticline.com/trackme
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (2060), with no line terminators
Hash f932dd4025709f3c0eca9dbae2e25b9e
be53ed4be86a4ba5e06f243d159f3584aef4b30f
1886a01430d32c4fdd8a99f0e1df4f72c2a01262e0c906470162205fe7f2071d
GET /trackme HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 888
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa2n8ll9; expires=Wed, 05 Apr 2023 14:16:23 GMT; path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0XCI6MTY3ODAyNTc4M30sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2NzgwMjU3ODN9LFwidGltZVwiOjE2NzgwMjU3ODN9In0.gWrDOLqQVrLeoPJh_mYBdF5jRdFw4KWxxdrl88qp9qk; expires=Fri, 08 May 2076 04:32:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/css/style.css?ver=6.1.1
200 OK 2.2 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/css/style.css?ver=6.1.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 30a9af8fa1bda357db8aaa73147b6c46
ce84645bf9e66841f9cee457e676ad0ca2c9b373
542256b83113eb2b99f69b60cef934f962ce93c166881d83c35dbcd068b55f81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/portfolio/framework/css/style.css?ver=6.1.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2246
Content-Type: text/css
bnt-soft.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.3.3
200 OK 6.3 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.3.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (38599), with no line terminators
Hash 351043bf60dc22ad51c3b2b20e9a71ed
48efd01c65145f594b5a71f1bab931a9eede7edb
5734fca6a248ca22746c4a7951f8a01a79ea94740a2c18f43dec61f988d7e48e
GET /wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.3.3 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 11 Nov 2022 09:56:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 6280
Content-Type: text/css
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/custom_plugin.js?ver=1.0.0
200 OK 1.4 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/custom_plugin.js?ver=1.0.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (357), with CRLF line terminators
Hash 1667a0941390780f5c0c17208c4c2fce
ddd477c8b829a02286893850f44a2124dcb1ccdb
94cf8c0e476b7c1a4852816cae5d056f19c5e217beece44b12af6257c5ea592f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/custom_plugin.js?ver=1.0.0 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1439
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.17
200 OK 59 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.17
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (45108), with CRLF line terminators
Hash 08ebf425f155a6ab60e000fcaaf9d489
36a1d7cc84c3331109bf6b5b669d47aabf075e9c
9a9e55309958ce3e408c8f054e1819f4d58cdd0ffacca741973adb0b59c0f280
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.17 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Wed, 02 Mar 2022 06:07:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/jquery.waitforimages.js?ver=1.0.0
200 OK 678 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/jquery.waitforimages.js?ver=1.0.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1191), with CRLF line terminators
Hash d0dba2c44eca981c675ad121dfd2815e
455a598c8d79072e1fae73ced797e077afbde84e
46f1b51fa64f41cde7e8a83980697fc9eb0d115a99acd7868153e38499845ffd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/jquery.waitforimages.js?ver=1.0.0 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 678
Content-Type: application/javascript
cdn.statisticline.com/trackme
200 OK 888 B URL HTTP/1.1 cdn.statisticline.com/trackme
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (2060), with no line terminators
Hash f932dd4025709f3c0eca9dbae2e25b9e
be53ed4be86a4ba5e06f243d159f3584aef4b30f
1886a01430d32c4fdd8a99f0e1df4f72c2a01262e0c906470162205fe7f2071d
GET /trackme HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 888
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa2n8llk; expires=Wed, 05 Apr 2023 14:16:23 GMT; path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0XCI6MTY3ODAyNTc4M30sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2NzgwMjU3ODN9LFwidGltZVwiOjE2NzgwMjU3ODN9In0.gWrDOLqQVrLeoPJh_mYBdF5jRdFw4KWxxdrl88qp9qk; expires=Fri, 08 May 2076 04:32:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
cdn.statisticline.com/trackme
200 OK 888 B URL HTTP/1.1 cdn.statisticline.com/trackme
IP
ASN #2856 British Telecommunications PLC
File type ASCII text, with very long lines (2060), with no line terminators
Hash f932dd4025709f3c0eca9dbae2e25b9e
be53ed4be86a4ba5e06f243d159f3584aef4b30f
1886a01430d32c4fdd8a99f0e1df4f72c2a01262e0c906470162205fe7f2071d
GET /trackme HTTP/1.1
Host: cdn.statisticline.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Mar 2023 14:16:23 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 888
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Expires: 0
Pragma: no-cache
Set-Cookie: _subid=s8hnpa2n8llm; expires=Wed, 05 Apr 2023 14:16:23 GMT; path=/
3936f=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0XCI6MTY3ODAyNTc4M30sXCJjYW1wYWlnbnNcIjp7XCIxNVwiOjE2NzgwMjU3ODN9LFwidGltZVwiOjE2NzgwMjU3ODN9In0.gWrDOLqQVrLeoPJh_mYBdF5jRdFw4KWxxdrl88qp9qk; expires=Fri, 08 May 2076 04:32:46 GMT; path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/isotope.pkgd.min.js?ver=1.0.0
200 OK 13 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/isotope.pkgd.min.js?ver=1.0.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32033), with CRLF line terminators
Hash 22825b70227abcbbdb989a42165761e9
da14916a6a44e6e45fb168561b6329b3212e3d9e
280730a8016a72349edf50db8230c6842d130fefde9a1c178d44be7d913939af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/isotope.pkgd.min.js?ver=1.0.0 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 13036
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/imagesloaded.js?ver=1.0.0
200 OK 2.6 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/imagesloaded.js?ver=1.0.0
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6832), with CRLF line terminators
Hash 025ec9304e1183562f0d65d150a6e1ea
175eeed491b9066746a199fd75b0463ad7fa0e96
85dcbab2f386395883293699d25135671f1e6b0b0670bff93a57477edbdce999
GET /wp-content/plugins/wp-andaman-plugins/portfolio/framework/js/imagesloaded.js?ver=1.0.0 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2585
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/vc_custom.js
200 OK 1.9 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/vc_custom.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (419), with CRLF line terminators
Hash 26af7663244cba71dabd16329487f3d8
f4462094c8e1dc1eb432c674e7348c92b6e3ad80
87620fa81659a3ccbc403373ddf4e9eacade68754e5a03ceee694cf36c376f1f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/vc_custom.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1883
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jarallax.min.js
200 OK 5.8 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jarallax.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (14653)
Hash 74152a82389079be12d2b2038c94af00
335ead25b488321b9179e809a59f1c3ebbc7b5a8
921d91d5226e708259140b684f86e39f523eea0fc44b5d6e849f0c52d40b0801
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jarallax.min.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 5813
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/text-rotator.min.js
200 OK 640 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/text-rotator.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 0e45a3131a320788143de90d13e2fbd0
4150d158d299ecff055e07201d94a8704ef2ef88
5bb09af792d8ad4a6e62d3b779e3ca711d0234b872650cba2c858fa33bdb6fbf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/text-rotator.min.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 640
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.YTPlayer.min.js
200 OK 20 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.YTPlayer.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (62326), with CRLF line terminators
Hash 7f6be5aa6725b84e8f9d760bccb923f5
257b90d1c3a7f7c871e6bdac9f13519294bb3d1e
6d604b5ca1bab925be39f0fb8b121b60e61a9d89c5dac7f8d257fd4eb9422175
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.YTPlayer.min.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.vimeo_player.min.js
200 OK 10 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.vimeo_player.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31983)
Hash 3af35827bafb0a222d0d955e2747ebc0
f3dc679aa556752225a5ec206e9c4df742ad75d7
96c2c7eae8d763a6bc8029d70383b203776420e917c0a0858330681d885502bf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.mb.vimeo_player.min.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 10295
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.circle-progress.min.js
200 OK 1.8 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.circle-progress.min.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4187), with no line terminators
Hash 89ca9cf207a17515a40c9170aa576a96
1484100ae8eef8674d62131f81d9ae1bead437c7
3fced1ec21150d4bc73c2456a1b75ad425a789958a08b3e200a527ddad1f3479
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/jquery.circle-progress.min.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1831
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/typing.js
200 OK 4.2 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/typing.js
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9b5bd5bbd12fe4154106e5e5a18c5812
628338b2e090e1d6b5aad573953e6d9047ce0cc6
fdd57c3db6787a4c79e80fd18125fbd8a99568373784fd2172ade41d48d51092
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-andaman-plugins/shortcodes/vc_extend/typing.js HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sat, 19 Feb 2022 10:35:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 4186
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.3.3
200 OK 20 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.3.3
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (48811), with no line terminators
Hash 4ddfd7637da046929ad1d82a388c2c3b
35e87445e35839acee5fdd8cf8874f211861c82c
af7d5db49c705673b7653f2576e433c5a41773f74130727caa94d57e4532f7ae
GET /wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.3.3 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Fri, 11 Nov 2022 09:56:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15643
Expires: Sun, 05 Mar 2023 18:37:07 GMT
Date: Sun, 05 Mar 2023 14:16:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15643
Expires: Sun, 05 Mar 2023 18:37:07 GMT
Date: Sun, 05 Mar 2023 14:16:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15643
Expires: Sun, 05 Mar 2023 18:37:07 GMT
Date: Sun, 05 Mar 2023 14:16:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15643
Expires: Sun, 05 Mar 2023 18:37:07 GMT
Date: Sun, 05 Mar 2023 14:16:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 724fa48ccca0d3c13ff4b7d6f37b9d83
464c721a0b21748887983c18b374919fded7a9ec
2f9c5afbf0cf73ef947f3a1befe80aab80c1ba62a0b1c4d4484ad1508b8c0e62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9efde266-ca49-41eb-9487-44e134916b4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10330
x-amzn-requestid: 8260d57d-a18a-47c2-b1ab-e3446828fb72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BRnFOFpIIAMFQ5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6403b887-6aad3a6721a923a2785af45e;Sampled=0
x-amzn-remapped-date: Sat, 04 Mar 2023 21:30:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: YolHx4HW2oHDzevgb0-FMIxiT_2MwqcRXEbPeURHFE2w2gaz6YDz_w==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 21:49:36 GMT
age: 59208
etag: "464c721a0b21748887983c18b374919fded7a9ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 20gfRWuEZKeWijeUdUr10sCx8uqri-zpK-KTXBJrZaQOm3V1Gk8KQw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0ec9ddba08fcd99386924593dbdbd44a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 11:26:52 GMT
age: 10172
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febb649fd-6473-4000-bdf4-910bc663409e.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febb649fd-6473-4000-bdf4-910bc663409e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03519c14f30c2d1072635a874608c6a8
47fba480252055427b509e42d3e386205bd06d9a
8278866bff13368594f3eab9d322e8dcc71a2bc2fbe253b551aaaa65690e53bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febb649fd-6473-4000-bdf4-910bc663409e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14370
x-amzn-requestid: 2ac76cd4-6438-4487-889f-c8682b6042af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BOVSHFiDIAMF6aQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640268da-544f85de2bda5d81155bbb3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 21:38:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: TrHBDKGnIymhMrnhnhWtHqyCIH77GkmiKWHIHJHjlqs9aAx-hQ57Rg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 23:56:26 GMT
age: 51598
etag: "47fba480252055427b509e42d3e386205bd06d9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf34e2f-8dac-4fce-8d4c-2b85b8342158.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf34e2f-8dac-4fce-8d4c-2b85b8342158.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 707ba11f104b875f01e30dff685677a9
d761a2e4a57b87a139d223c4fb02786bd3166c05
629170d761e8c04b5702f3d60be5de6ef7c94db02e0ad73ae77703c1ef2d0ea8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf34e2f-8dac-4fce-8d4c-2b85b8342158.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5372
x-amzn-requestid: 485c4108-38f1-4d27-b3c6-45beec384d6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BMVblHBlIAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64019c49-255a422f0b8b9ffd5f7dccb4;Sampled=0
x-amzn-remapped-date: Fri, 03 Mar 2023 07:05:45 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: SLmY7G9hKyYU-6dvT3KYYZkUhORIjMtAh2SKREMVAL7NDRcs5C9DYg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 07:23:05 GMT
age: 24799
etag: "d761a2e4a57b87a139d223c4fb02786bd3166c05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73553b60-b79c-4793-8a85-88c69a1c5b56.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73553b60-b79c-4793-8a85-88c69a1c5b56.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 98ed59dcca70bb236c44c2dcfca12a0e
5680f11fdd1e9c760fbaedb4709444e032a7a863
1b2ef2809795b0a23fac7fca6714296fb54b24edc893994f6284389811c4fda9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73553b60-b79c-4793-8a85-88c69a1c5b56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: 61acefc8-fac0-4462-abae-71dfb90b05d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_KGqG5wIAMFS0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc56f7-3f2a324979162e2159c0dc49;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:08:39 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: si0j8ch-78G1nHsJ1TS9vrlxd_kA8tZB1Mc3WR603P81CLJtY_l8HQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 22:01:57 GMT
age: 58467
etag: "5680f11fdd1e9c760fbaedb4709444e032a7a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8abcdf8b-d542-4d16-a8f7-0cb74a2f41a3.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8abcdf8b-d542-4d16-a8f7-0cb74a2f41a3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c3d50cd0866b97ec301332844b8c5c3
ae5e32bdad4dfa161630dd927eb24505c9a07366
485b39a2e310ddd9ccc2796cfd306d0cfacd6d66e8ae7e42a6b84c5272d442e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8abcdf8b-d542-4d16-a8f7-0cb74a2f41a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10884
x-amzn-requestid: fd171e3f-9ff3-45f3-ab68-e97dcd237639
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BCb_KEUPoAMFyxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fda6c7-5d6df2783ca4a67625c66c43;Sampled=0
x-amzn-remapped-date: Tue, 28 Feb 2023 07:01:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zLJ8_nICbavlipA7vW7B3C7AVMm9O-0BLcxDYeeJPnzXDxMNldOh5g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Mar 2023 16:47:02 GMT
age: 77362
etag: "ae5e32bdad4dfa161630dd927eb24505c9a07366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bnt-soft.com/wp-content/themes/andaman/assets/js/bootstrap.min.js?ver=1.1.5
200 OK 14 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/bootstrap.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32033)
Hash ad7339964f395566ac9d75903d96b9de
ea5756ab8d399418e0f862a8ff1249df3f77790f
3adfc0a685bd6eee9638948b1085d3db733c75caff8409b7582e356671588491
GET /wp-content/themes/andaman/assets/js/bootstrap.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 14394
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/viewportchecker.js?ver=1.1.5
200 OK 1.1 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/viewportchecker.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash fb018e09bd8b7275e4be2627dfd507d6
509566953a560c1ef5e293cae401d574a8c174a5
07ddfe4aa1aac2c7364b675f8792cf9562c1b3df1d3c83adcb6dc0c7d5afff7a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/viewportchecker.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1110
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.fitvids.js?ver=1.1.5
200 OK 985 B URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.fitvids.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (1597)
Hash 325b47d10aa3f772eeeb4c7c979c52f3
2b2d7bebb1499cd2acc7ad5185cf74db6b8faa05
74b0c6484bb0836ade19481de3daebe2b0b6c8a655247cb8e699933decd5438c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.fitvids.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 985
Content-Type: application/javascript
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8f905f906af92bffeb8701de5bc1452b
69f68825eecadb0cc20310888a951b3b0705f219
6ac0b5ab6c9324aa7a5a5fd5691b229744ab5192cb79dad76059fd3638998d88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AC0B5AB6C9324AA7A5A5FD5691B229744AB5192CB79DAD76059FD3638998D88"
Last-Modified: Sun, 05 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21543
Expires: Sun, 05 Mar 2023 20:15:27 GMT
Date: Sun, 05 Mar 2023 14:16:24 GMT
Connection: keep-alive
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.smartmenus.js?ver=1.1.5
200 OK 17 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.smartmenus.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1495)
Hash c4372aaa7c13ea54250f737274c4011b
338bd716b8e34d5e1eb5d7170907259cccb1e409
52111f1251a50a741d543cae0c426265ff4f4e48e7a0ef36a2fc6a31dc579f4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.smartmenus.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 17001
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/wow.min.js?ver=1.1.5
200 OK 2.8 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/wow.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7009)
Hash 541626e93c68cd950a752d91c2fd595b
77fa3b63ef3293ce63971e229ce594b69ca3537c
f5fff7cf58ac8f1fe93f04486418d91e9d61f38057f0ebfc111c939feb0f0e11
GET /wp-content/themes/andaman/assets/js/wow.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2779
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.17
200 OK 134 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.17
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (64288)
Size 134 kB (133615 bytes)
Hash 3d6cf381fb163c7dd14a9962703c8f13
ea25ee012c87f3901fbba01f3b18c8be7255c2ce
4651c0de2df66d3dc04387fd712b9bed095c1e265fd1482bd99cfc7e154f2b5f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.17 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:23 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Wed, 02 Mar 2022 06:07:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:23 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.swipebox.min.js?ver=1.1.5
200 OK 8.0 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.swipebox.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash acac575a3d3f3cc139e292f5a8121d35
96d1c3cf731e7ad92423183d59a5c9efc866f107
19f88459f5992573941e82ada2f5f74511deceea370e03af511e496af960322f
GET /wp-content/themes/andaman/assets/js/jquery.swipebox.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 7960
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/isotope.pkgd.min.js?ver=1.1.5
200 OK 13 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/isotope.pkgd.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32010)
Hash 5eeec76ec50fc28d1e31797a636100b6
5160d21e4fe68359df7ce5b290d98ac0de364ab4
5453eaddaf8e576b326b2e8d90557d522070e75ecda9aadb68affafeb611df2a
GET /wp-content/themes/andaman/assets/js/isotope.pkgd.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 12806
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.easing.min.js?ver=1.1.5
200 OK 866 B URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.easing.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3338)
Hash 94e0e6359a74f3f02c93b214a48f83c0
f48e68f753873a6943e3c9e822c2bfb118d6bcf0
3372a9dd18427125dea547946b0888bd13659486bde1ca73a7d50509f51d4c84
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.easing.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 866
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.waypoints.min.js?ver=1.1.5
200 OK 3.2 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.waypoints.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (8863)
Hash f9205f54f1541c3eed7542adc6c2400c
d0e3f4481c911808090c3b5069ea7370b7f6524f
70d1dd9d1b93485c46ab320b15de1e044c665af1b5f2548d1255d306ffdb58de
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.waypoints.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3216
Content-Type: application/javascript
bnt-soft.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
200 OK 2.1 kB URL HTTP/1.1 bnt-soft.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5477)
Hash f0bd7ad12acdee26cbb2701c1ba3610b
53c5d15129860868b60b74cb010b2c6050a64f69
e6d0cb19e56d22e8e511c23ca2bd233bedb40e3c7cf4ff38fe6f059bc7e0c64f
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 14 Jun 2020 00:23:28 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2103
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.sticky.js?ver=1.1.5
200 OK 3.0 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.sticky.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5eae3105f61959f19e022bc3ccc17c72
fa18855ae2b7a415b25771e8996f43fee15c4f3c
70af709ee6e0030b01706fa40ae6ccb432481a1e5df5cc01146fdd89cf6ad116
GET /wp-content/themes/andaman/assets/js/jquery.sticky.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3009
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.malihu.PageScroll2id.js?ver=1.1.5
200 OK 8.5 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.malihu.PageScroll2id.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 12641ae951a7f194cbd75cafdae2b44a
ac5d546762845b52ab39fafca2f53650e3318db9
60ff57ccd0283fa61d84c88cc74f81c069691bc90eca11e9ff8c3da975f7a9fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.malihu.PageScroll2id.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 8543
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.countdown.min.js?ver=1.1.5
200 OK 1.6 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/jquery.countdown.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3360)
Hash 66631f835646068e8f2001d44356fde2
80f3cd04db9eff9d1397e9984f80fe713ae7f31e
68158122ce6298f3736a86d85d1bac87bfa43603c430c781973f414eaa26c8e2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/js/jquery.countdown.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1577
Content-Type: application/javascript
region1.google-analytics.com/g/collect?v=2&tid=G-DGHQVW1MZ2>m=45je3310&_p=2075706817&cid=1024339715.1678025784&ul=en-us&sr=1280x1024&_s=1&sid=1678025783&sct=1&seg=0&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dt=Page%20not%20found%20-%20BNT%20Soft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-DGHQVW1MZ2>m=45je3310&_p=2075706817&cid=1024339715.1678025784&ul=en-us&sr=1280x1024&_s=1&sid=1678025783&sct=1&seg=0&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dt=Page%20not%20found%20-%20BNT%20Soft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-DGHQVW1MZ2>m=45je3310&_p=2075706817&cid=1024339715.1678025784&ul=en-us&sr=1280x1024&_s=1&sid=1678025783&sct=1&seg=0&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dt=Page%20not%20found%20-%20BNT%20Soft&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://bnt-soft.com
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://bnt-soft.com
date: Sun, 05 Mar 2023 14:16:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bnt-soft.com/wp-content/themes/andaman/assets/js/owl.carousel.min.js?ver=1.1.5
200 OK 15 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/owl.carousel.min.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32045)
Hash fbe99391114d4d28d4aceabcd4739251
ab63a50161bbb56bdfa4c69e5218f3951f7cb820
b625b13a3af4e6f201a95ebda8b4fc5d99113219bc433aa02060f3dc523e2e4d
GET /wp-content/themes/andaman/assets/js/owl.carousel.min.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 15365
Content-Type: application/javascript
bnt-soft.com/wp-content/themes/andaman/assets/js/main.js?ver=1.1.5
200 OK 2.6 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/js/main.js?ver=1.1.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a12db2039307aabffcdcf10d34dcc00e
a34edbafa7355b611126cc4a02a8b09ab45a082c
88df8f5f1eafd060d1320fadcab7dab08ea1d79be3f026a144f6a605c7bdf9a3
GET /wp-content/themes/andaman/assets/js/main.js?ver=1.1.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 2561
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/bb_header_builder/assets/js/bbhd.js?ver=1.7.5
200 OK 1.5 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/bb_header_builder/assets/js/bbhd.js?ver=1.7.5
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 70b69925d4c71c075efdcd34f0fa59c9
36dbcdf799e91bdeb7910b65ebb73bbf1b53c553
6e6da7348ffc41573f5b0bda7990a5394553d8687632881552383eae2951a87d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/bb_header_builder/assets/js/bbhd.js?ver=1.7.5 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:19:12 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 1503
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/SmoothScroll.min.js?ver=3.19.11
200 OK 3.2 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/Ultimate_VC_Addons/assets/min-js/SmoothScroll.min.js?ver=3.19.11
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (6564), with no line terminators
Hash beb2eeb69d605e2b3515c520509ef466
d86f6c98d62c99b28e21b9dd88020d340e9e18a1
5f6d006aead79dba419ed00b5b212b9b59de763f7b8a9c2af90c3a7c6eb1ab3d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/Ultimate_VC_Addons/assets/min-js/SmoothScroll.min.js?ver=3.19.11 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:25:39 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Length: 3186
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8.1
200 OK 32 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (32043), with CRLF line terminators
Hash df8bf88e26836569034c788f80bfd165
a1e53499237cbf14f9104a59eae775873fa2bdbc
8ae90e840b3d5c0eab1fe3b86cf820250d07365aa8aa274d9b40a06d0e992e32
GET /wp-content/plugins/mpc-massive/assets/js/mpc-vendor.min.js?ver=2.4.8.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8.1
200 OK 31 kB URL HTTP/1.1 bnt-soft.com/wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8.1
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 676025a1cbd6334b5368b95d26323388
bd026864fe3e23e29c91d2a9a52cc191013f9f3c
3f97e9149ad507132e575fe52273e67784ee39392c483238a5ff96bae9a48066
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mpc-massive/assets/js/mpc-scripts.min.js?ver=2.4.8.1 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Wed, 17 Aug 2022 05:18:38 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Transfer-Encoding: chunked
Content-Type: application/javascript
bnt-soft.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
409 Conflict 83 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 409 Conflict
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=64
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bnt-soft.com/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkaVN.woff
200 OK 22 kB URL HTTP/1.1 bnt-soft.com/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkaVN.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 22248, version 1.1\012- data
Hash 871cb94442604523df533674b089e951
5ba7215d68a334f15eff32e571b56da460036b59
8cbc253e656f7d50165a4a132a8f6cf51c670b47ac1b1aaadb4f19aa85e77418
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-B4iFV0UzdYPFkaVN.woff HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2022 07:03:51 GMT
Accept-Ranges: bytes
Content-Length: 22248
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: font/woff
bnt-soft.com/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkaVN.woff
200 OK 22 kB URL HTTP/1.1 bnt-soft.com/wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkaVN.woff
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format, TrueType, length 22424, version 1.1\012- data
Hash 7cc72ef2f26b92abe9972e44674a24c3
bc8730403731801de9f9fe87ca38767990e1d37d
1634be0b04df347b8e403cf812887e22b1ee22b3668c3e402a777ee0c32acf04
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/rubik/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-NYiFV0UzdYPFkaVN.woff HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Fri, 09 Dec 2022 07:03:52 GMT
Accept-Ranges: bytes
Content-Length: 22424
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: font/woff
bnt-soft.com/wp-content/themes/andaman/assets/fonts/fa-solid-900.woff2
200 OK 74 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/fonts/fa-solid-900.woff2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 74256, version 329.-17761\012- data
Hash 418dad87601f9c8abd0e5798c0dc1feb
a6b003ef506e92d05cde73adf67487d7fd7ec6df
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/fonts/fa-solid-900.woff2 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bnt-soft.com/wp-content/themes/andaman/assets/css/fontawesome.min.css?ver=1.1.5
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Content-Length: 74256
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: font/woff2
bnt-soft.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
409 Conflict 83 B URL HTTP/1.1 bnt-soft.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/document/miLogin
Cookie: _ga_DGHQVW1MZ2=GS1.1.1678025783.1.0.1678025783.0.0.0; _ga=GA1.1.1024339715.1678025784
HTTP/1.1 409 Conflict
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Content-Length: 83
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bnt-soft.com/wp-content/themes/andaman/assets/fonts/fa-brands-400.woff2
200 OK 75 kB URL HTTP/1.1 bnt-soft.com/wp-content/themes/andaman/assets/fonts/fa-brands-400.woff2
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Web Open Font Format (Version 2), TrueType, length 74768, version 329.-17761\012- data
Hash 5e2f92123d241cabecf0b289b9b08d4a
7f6c682ade204e641aed8f471064c56b6eddc263
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/andaman/assets/fonts/fa-brands-400.woff2 HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://bnt-soft.com/wp-content/themes/andaman/assets/css/fontawesome.min.css?ver=1.1.5
HTTP/1.1 200 OK
Date: Sun, 05 Mar 2023 14:16:24 GMT
Server: Apache
Last-Modified: Sun, 27 Mar 2022 11:17:55 GMT
Accept-Ranges: bytes
Content-Length: 74768
Cache-Control: max-age=31557600
Expires: Mon, 04 Mar 2024 20:16:24 GMT
X-Endurance-Cache-Level: 2
X-nginx-cache: WordPress
Content-Type: font/woff2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://bnt-soft.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20085
Date: Sun, 05 Mar 2023 13:49:52 GMT
Expires: Sun, 05 Mar 2023 15:49:52 GMT
Cache-Control: public, max-age=7200
Age: 1593
Last-Modified: Tue, 10 Jan 2023 21:29:14 GMT
Content-Type: text/javascript
Vary: Accept-Encoding
www.google-analytics.com/collect?v=1&_v=j99&a=2075706817&t=pageview&_s=1&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dp=%2F404.html%3Fpage%3D%2Fdocument%2FmiLogin%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20BNT%20Soft&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgUABCAAAAAAAI~&jid=1483035005&gjid=774006882&cid=1024339715.1678025784&tid=UA-23186260-1&_gid=968181744.1678025785&z=1487107861
200 OK 35 B URL HTTP/2 www.google-analytics.com/collect?v=1&_v=j99&a=2075706817&t=pageview&_s=1&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dp=%2F404.html%3Fpage%3D%2Fdocument%2FmiLogin%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20BNT%20Soft&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgUABCAAAAAAAI~&jid=1483035005&gjid=774006882&cid=1024339715.1678025784&tid=UA-23186260-1&_gid=968181744.1678025785&z=1487107861
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /collect?v=1&_v=j99&a=2075706817&t=pageview&_s=1&dl=http%3A%2F%2Fbnt-soft.com%2Fdocument%2FmiLogin&dp=%2F404.html%3Fpage%3D%2Fdocument%2FmiLogin%26from%3D&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20BNT%20Soft&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=YCDAgUABCAAAAAAAI~&jid=1483035005&gjid=774006882&cid=1024339715.1678025784&tid=UA-23186260-1&_gid=968181744.1678025785&z=1487107861 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
pragma: no-cache
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
date: Sat, 04 Mar 2023 17:42:22 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
age: 74043
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c8421aa87880e86d908e4bd8926d2f3b
d4aeceb5495eb8855bf28c5a5e0472bfddae92b4
085b52272770d005c1f23a7a50e625aea194b1b2310cf56b33df4df2841874aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-23186260-1&cid=1024339715.1678025784&jid=1483035005&gjid=774006882&_gid=968181744.1678025785&_u=YCDAgUABCAAAAEAAI~&z=352944968
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-23186260-1&cid=1024339715.1678025784&jid=1483035005&gjid=774006882&_gid=968181744.1678025785&_u=YCDAgUABCAAAAEAAI~&z=352944968
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-23186260-1&cid=1024339715.1678025784&jid=1483035005&gjid=774006882&_gid=968181744.1678025785&_u=YCDAgUABCAAAAEAAI~&z=352944968 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://bnt-soft.com
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://bnt-soft.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Mar 2023 14:16:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash c8421aa87880e86d908e4bd8926d2f3b
d4aeceb5495eb8855bf28c5a5e0472bfddae92b4
085b52272770d005c1f23a7a50e625aea194b1b2310cf56b33df4df2841874aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Mar 2023 14:16:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bnt-soft.com/wp-content/uploads/2020/04/2-1.jpg
200 OK 1.2 MB URL HTTP/2 bnt-soft.com/wp-content/uploads/2020/04/2-1.jpg
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1232, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=2122], progressive, precision 8, 2122x1232, components 3\012- data
Size 1.2 MB (1213457 bytes)
Hash 51990ea3e701cc6c75efe1b30df78473
6ca983a3a0fc22715ca3afacb5d66958484326b7
5f3b45db262a64ea4420ab0157cb876ccf1f1ea346cb0bba5987fc085213ffa1
GET /wp-content/uploads/2020/04/2-1.jpg HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 19 Feb 2022 10:35:54 GMT
accept-ranges: bytes
content-length: 1213457
cache-control: max-age=31557600
expires: Mon, 04 Mar 2024 20:16:24 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/jpeg
date: Sun, 05 Mar 2023 14:16:24 GMT
server: Apache
X-Firefox-Spdy: h2
bnt-soft.com/wp-content/uploads/2020/05/favicon.png
200 OK 1.6 kB URL HTTP/2 bnt-soft.com/wp-content/uploads/2020/05/favicon.png
IP
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash a31baebdd28164c731c30235b4889e9c
c72865ca5cbce028dd6ec58aaad3c5bed24e3100
47802ff162f57d285ca5cc2c023cba3bdc614449c6f3e7ea1c7f2ac07b5a287a
GET /wp-content/uploads/2020/05/favicon.png HTTP/1.1
Host: bnt-soft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 19 Feb 2022 10:35:54 GMT
accept-ranges: bytes
content-length: 1553
cache-control: max-age=31557600
expires: Mon, 04 Mar 2024 20:16:25 GMT
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 05 Mar 2023 14:16:25 GMT
server: Apache
X-Firefox-Spdy: h2
unpkg.com/object-fit-images/dist/ofi.min.js
302 Found 0 B URL HTTP/2 unpkg.com/object-fit-images/dist/ofi.min.js
IP
GET /object-fit-images/dist/ofi.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Mar 2023 14:16:22 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /object-fit-images@3.2.4/dist/ofi.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GTS22WZ7Y370NEGB26EVXB8K-fra
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7a32f9f2ce1a0b39-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic
IP
GET /css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%7CKarla%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext%2Ccyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://bnt-soft.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Mar 2023 14:16:22 GMT
date: Sun, 05 Mar 2023 14:16:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unpkg.com/object-fit-images@3.2.4/dist/ofi.min.js
200 OK 0 B URL HTTP/2 unpkg.com/object-fit-images@3.2.4/dist/ofi.min.js
IP
GET /object-fit-images@3.2.4/dist/ofi.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://bnt-soft.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Mar 2023 14:16:22 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Mon, 20 Aug 2018 15:51:24 GMT
etag: W/"cdb-o/tJ9n+yfVAl9z8gXIThrgqdnNM"
via: 1.1 fly.io
fly-request-id: 01F52TZR31X9MQPJXQS4XKFA1Y
cf-cache-status: HIT
age: 26117944
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7a32f9f3df100b39-OSL
content-encoding: br
X-Firefox-Spdy: h2
162.251.80.14
104.16.126.175
23.33.119.27
194.135.30.210