dmgtrading.bg/Libby
301 Moved Permanently 707 B IP
ASN #197216 Delta HighTech Ltd.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /Libby HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Tue, 29 Nov 2022 01:17:21 GMT
server: LiteSpeed
location: https://dmgtrading.bg/Libby
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11919
Expires: Tue, 29 Nov 2022 04:36:01 GMT
Date: Tue, 29 Nov 2022 01:17:22 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2554
Cache-Control: max-age=122193
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:22 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:13:55 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 00:19:33 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3469
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10580
Expires: Tue, 29 Nov 2022 04:13:42 GMT
Date: Tue, 29 Nov 2022 01:17:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tEFM1qRggb08eCLKQjnjQrQ1Ayvb9qiXEWV02yWMuG8mHMKeVGyUvfpHC1hSJJCAwPD8IDzQCkM=
x-amz-request-id: XMX1Q5EG4ZJQQ0E5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 00:45:14 GMT
age: 1928
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 01:17:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 01:11:12 GMT
cache-control: public,max-age=3600
age: 370
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4328
Cache-Control: max-age=118901
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:22 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:19:03 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmgtrading.bg/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.5
200 OK 7.9 kB URL HTTP/2 dmgtrading.bg/wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.5
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (39309)
Hash c9c90b52b01ebb37884b9fcf27c96381
be8c72314766a3a2fb9995ca2c9c3b957178f157
666910059f69167f32a2cb6bb2b5bdb3524eb85be54cdafc179285d863a499e1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/css/minified/main.min.css?ver=3.7.5 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7887
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
200 OK 10 kB URL HTTP/2 dmgtrading.bg/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (39791)
Hash 3cc7696f4c8caa2b1c7acab0c2ae1515
2df12fe5d820c9c8129c9276e2bb94f9df860331
5ec052aed0f32fed1fc31c9be24e1cd03a7bcdede8ae098af3d1997fdfb51a6a
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.9.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Wed, 06 Apr 2022 06:37:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10549
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.5
200 OK 259 B URL HTTP/2 dmgtrading.bg/wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.5
IP
ASN #197216 Delta HighTech Ltd.
Hash 49736e2d926fb2846e2df8fc0a1b69f8
0c415addd3603df8843209de4fc448ef5c443761
be091ce2d9948f24a59c9d1578557cd92e8180e2318dc0a21308ca180071f8d0
GET /wp-content/plugins/header-footer-elementor/assets/css/header-footer-elementor.css?ver=1.6.5 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 259
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
200 OK 3.6 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (18854)
Hash 23d0cda7fbd7f269a200dfff8ee211c6
497cc19819270e7a3795ab61e775c130ac7b255a
299d22db4a8362551089748bb93645f190469be3b392fa206b9872bd298bb41b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.13.0 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3554
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/elementor/css/post-15.css?ver=1638962933
200 OK 346 B URL HTTP/2 dmgtrading.bg/wp-content/uploads/elementor/css/post-15.css?ver=1638962933
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (1116), with no line terminators
Hash 7bbd323cae95c98026a0a898381a62a9
125baf3e30b9363e7708546f2efc8a19d4e04747
42dc4c6a50b05e4c8fab16b8ec9e9851ce2f5af130a00ee979e49967ce22a300
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-15.css?ver=1638962933 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 346
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.4.7
200 OK 553 B URL HTTP/2 dmgtrading.bg/wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.4.7
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with CRLF line terminators
Hash 7007e93a0317aebd76161de73881bb95
aaabfde5753ff0c3ec9903215ca87385b87043d1
3d90e7df02622e357779af3e8acc1b9ce99d6dce36bb9a8d6f984c4add086045
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/css/she-header-style.css?ver=1.4.7 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 553
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/elementor/css/global.css?ver=1638962934
200 OK 5.9 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/elementor/css/global.css?ver=1638962934
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (40868), with CRLF, LF line terminators
Hash 94422a023d1223d8da9953aeaca85171
5c194e10dbff7ec5fd4a8fea0873c29d8f57c7a5
11321b168265806d37720d6b4a79c9371899b0d6eb7d66306443511d86525cbe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/global.css?ver=1638962934 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5908
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/elementor/css/post-30.css?ver=1638962934
200 OK 1.7 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/elementor/css/post-30.css?ver=1638962934
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (7576)
Hash 752cf94935fe504eb56347c572da401d
afa95ef03a3b1438fcd8feb7e3b9c2fd081d2b35
0f4cbbbe001a47d175434328a53f14c508b6d55bc5179295fc619deb4844df66
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/elementor/css/post-30.css?ver=1638962934 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1726
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.8
200 OK 16 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65497)
Hash 9de9c05ea6d529fadd72c8065e584f1c
8bcde11eedda27c6c349a334b4c4bc726faa2cee
fcdc0e3b652ff9dd5a189602efd68ee079baf295c5441ed9859c9a3632152a21
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 16496
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/premium-addons.min.css?ver=2.6.2
200 OK 22 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/premium-addons-pro/assets/frontend/min-css/premium-addons.min.css?ver=2.6.2
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e83bfab56874529402e9788f602ee046
93f8e44ac668f96e23621d903329010899c77974
c211d7c1427dd7bcf00188b2d525853ffed3ef4a3af256147554f0e3a5b9d025
GET /wp-content/plugins/premium-addons-pro/assets/frontend/min-css/premium-addons.min.css?ver=2.6.2 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21734
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmgtrading.bg/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.5
200 OK 7.4 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.5
IP
ASN #197216 Delta HighTech Ltd.
File type Unicode text, UTF-8 text, with very long lines (1646)
Hash 806afc62d640eb03fccbd5fe46ed8666
31259bb9e403fbe379125ea0c562ac11d76dc4d7
f7ceb3661377e98e71ccebe4d91336ac77e4e62a84bff79a1e6f865f3d00c26f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/inc/widgets-css/frontend.css?ver=1.6.5 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7374
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/elementor/css/post-110.css?ver=1638962934
200 OK 1.1 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/elementor/css/post-110.css?ver=1638962934
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (10952), with no line terminators
Hash 5335c7ab04bee27a7d5682f348870116
8a9f5e2b0fc4d90c81c768fe169fe43e225050b2
4552f7f7b26ee6f3056c2c2147a4985cb1b2e10b13f18f7f5875ecbbea149178
GET /wp-content/uploads/elementor/css/post-110.css?ver=1638962934 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1101
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.9.3
200 OK 966 B URL HTTP/2 dmgtrading.bg/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.9.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (5326), with no line terminators
Hash 48cf0bd214254b0d3f4fcf6ca2eef55b
bd9baa2beb0a401d5e98f21f0ba5590592b949fc
97c70401af16ee85f949db582f98fab6d416455aa6be6448321a0bcf55826b2e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=5.9.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Wed, 04 May 2022 10:36:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 966
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/themes/astra-child/style.css?ver=1.0.0
200 OK 581 B URL HTTP/2 dmgtrading.bg/wp-content/themes/astra-child/style.css?ver=1.0.0
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (916), with CRLF line terminators
Hash 7df1f3284048a50dbb5fffd01cfd71ec
4bf11d8c97a1f8ad9ea9889e94213a7488a6770b
6bd2ea82592467b9a14904f44f43dc0f4fe0784117dbbcc716eec4d4869d9b28
GET /wp-content/themes/astra-child/style.css?ver=1.0.0 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 581
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
200 OK 12 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (57726)
Hash f463afd8661ddc733305df1f0cbdaff2
77262f0209e75e340eb7014aba9cd8d69966032f
c4b6541be58a0ca61549cd4562850315077880c459c019f01e835cf2d7b764de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12133
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
200 OK 283 B URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (491)
Hash 453a93dc816be89f942ebb253ff199fb
01563d6019803e3ff2a94c5397e7e771ee6f440d
36beebcd3778e04c8973faa581d07c7e7dc0bac2a77f637379e7d110383ab5d7
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 283
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
200 OK 286 B URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (483)
Hash 8828fa3c5bdcfa66615714a2b8c9d807
4f556d0b005ac7754af607418df445f8cf98e8b1
16950dcce60bc3ee2613b60439c99e7ed74d10245f59fe6f68346b7e72dd95e7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 286
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
200 OK 4.0 kB URL HTTP/2 dmgtrading.bg/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.4.7
200 OK 1.5 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.4.7
IP
ASN #197216 Delta HighTech Ltd.
Hash 3cbed266b26a540eb8b7778692131dab
9159583e4f7db388afe69272b256a04155a89bd3
3d1c700dc0f2524d6eee8ef55ddff4962302f230c5e93bb45337b3b743440498
GET /wp-content/plugins/sticky-header-effects-for-elementor/assets/js/she-header.js?ver=1.4.7 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1483
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.3
200 OK 1.8 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (8428), with no line terminators
Hash 9237cae5604b5d12484f699c74d1f156
08ec90bc0bd5e1f0ca86cf43e860e3f83fb2b9ad
1aa3e51dbfaa36ad1374a37ace707fe28ba519f7ad3ab7ce398c654ef1a52906
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.2.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Wed, 04 May 2022 10:36:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1782
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
200 OK 4.5 kB URL HTTP/2 dmgtrading.bg/wp-includes/js/wp-emoji-release.min.js?ver=5.9.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (15224)
Hash 3c05cdbb96f694e86b05c7a3e5c6703f
615a7094f3210830bd5e6f08f845c101be2eefeb
371bb131cc739b177f4c90f67535f020d0bbee092e2ff1bad6ac38e978da3092
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4539
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7ZTOAsR6FWHE9nNwQWom3g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: AVmd7fQFd8UyyY7SnloSSwPWkOc=
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.8
200 OK 2.4 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (10019)
Hash d2db71c82a8f672aea59a3e050cd8cd7
af626566f94b3164e4310288cfb142431e8349a6
bcd2c9c2ba22a48a8fabf9fbe5e947deb6404367e4be24f48326e302aead1180
GET /wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2442
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.5
200 OK 3.6 kB URL HTTP/2 dmgtrading.bg/wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.5
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (15974), with no line terminators
Hash faa38bbb02ed2935bd790f42c1d1bae5
d258c0ff3d324539a29dc7fb3591f340adf4e1fa
577b84df12d1a96d76ef3a03e281b808ade812df4461549148972dbaffbca9ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/astra/assets/js/minified/frontend.min.js?ver=3.7.5 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3620
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.5
200 OK 3.4 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.5
IP
ASN #197216 Delta HighTech Ltd.
Hash 7cd1d83fd3305345245b56a828b69e0b
162930d78374996098506393f4cf728296d98151
3edea50e7fe023722fbcf4ed4a16d60fe5ea4ec1e104a43b49950e69a6053262
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/header-footer-elementor/inc/js/frontend.js?ver=1.6.5 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3379
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
200 OK 6.6 kB URL HTTP/2 dmgtrading.bg/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
ASN #197216 Delta HighTech Ltd.
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 4186472f300b89625cba0a93ba482c2c
19053e54644720b5dcfd71e24381347da7bc7cc9
a411ccc7d565d73b533d894b9972460cc5ea81743da6c2c7ee0877050ed8005d
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 18:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6599
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
200 OK 996 B URL HTTP/2 dmgtrading.bg/wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (3228)
Hash 81d54df1879b81006908c8b867017a45
3be56368e557330430cd3c67825b194e05b4fc53
c74a586073eb677bf656767e98bfede6b708fd20affd7fbfcf974e2b77c4f3d5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/mouse.min.js?ver=1.13.1 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 18:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 996
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
200 OK 4.6 kB URL HTTP/2 dmgtrading.bg/wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (18149)
Hash d0f2f23991ae1b93f0d4b313bcae0e6e
538b5af583c725094c635e262a1c5adc8f96d2d8
67d67306c9f602a26671a29636f7fbc2093464258793be64cc1a81debdac03ab
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/draggable.min.js?ver=1.13.1 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 18:49:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4638
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.4
200 OK 6.0 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.4
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (25150)
Hash b5e0683107def79a2ae496584939231b
06689123163ca3a55fc58630439ed52f0115afe5
297fbad7c8b7afaaabd1172a4a307be43d8b00c25dedf3fd26cdca933ce70446
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.7.4 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6044
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-addons.min.js?ver=4.7.3
200 OK 9.7 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-addons.min.js?ver=4.7.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (36851), with no line terminators
Hash fb539d4fcd9aec5aa430aad572183fa2
f58573aa2a58d5805c775406fc082d4da7d15948
d22b26b8ab643584d67d034fc6ed6ea9042e2146deea63442b741457d81e4cc8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/premium-addons.min.js?ver=4.7.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9699
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8
200 OK 2.0 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (4840)
Hash 9ee67288564b75da5a4e925cfb1bef17
0a223463774347b8e8fc6ec9e40de23f077156c6
2fbaf156cd2fe9e5ce272202990e53f7b05235a896a8545fd53f371c6c732e87
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2011
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8
200 OK 4.4 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (13963)
Hash 576ca361de3ff1fd062d61f0707eaaee
b8f683035cfc40df94dc6cae078f03310807e259
5b07297f61e3b5b60d14d890303e4ba3dccca1f29b785998e7b09073009188d3
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4369
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-200-83.png
200 OK 16 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-200-83.png
IP
ASN #197216 Delta HighTech Ltd.
File type PNG image data, 200 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 4425a8dca0418cabb1c6f034715d1db8
ca8c2c685180b56afda5871d1dfe494769530e2e
88b0b37ca59e853a6d49e72ffbfadfcf60177740ac8b5457bc7aece1bef05699
GET /wp-content/uploads/2021/11/dmgtrading.bg-logo-200-83.png HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: image/png
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-length: 16092
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
200 OK 30 kB URL HTTP/2 dmgtrading.bg/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.7.3
200 OK 22 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.7.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5ef62d1de1fbcfb4d2c59ebe4b927c6c
47be0724711ea0b5471eeaa275a9149f1f1e3426
c89a936d4d0acbf80195ad17980d98e9c08d40b2596fd27de0924bebbd0d0f55
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-css/premium-addons.min.css?ver=4.7.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: text/css
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21856
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.7.3
200 OK 63 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.7.3
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 40f3f50958251ffe13a0ab9b794c9832
f00440f74ea6cec009c810aeb7329f2d3548ba93
8e7980ba3ca2a5fca7755c6d3b07e77d13d62e30d721e7f81b4ff03a364f3d6b
GET /wp-content/plugins/premium-addons-for-elementor/assets/frontend/min-js/lottie.min.js?ver=4.7.3 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 62846
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
200 OK 2.9 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (12198), with no line terminators
Hash 869caa171b68cbec9fee5abbfb944ee8
f237e485e41f88b77384cfdb880f9d5a8f46eac8
25c2896e2790fb0e52f6b6ba1ce97bd87eb40463b4bb65ba16ad434c1d7a36dc
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2867
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
200 OK 34 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (65280)
Hash 83a90323ac82b98062b4b2c8ac8c5051
d7d376677e3546b756b4fec6219be72b85c4f8f5
7fd68e9ea0ebd35958da46d7373113d1a3646a671217cf2cf471c65c3d710613
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 34004
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8
200 OK 8.7 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (32235)
Hash 90a0487c1dca61b29255bc8d64ecfe54
c9d2cdcc30d886ba467699a7793240a85cd3f79c
eeb1af7425199c7eccff275d995d3ee3f3eef0cc58d38be4a2f1b2b97d159078
GET /wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8742
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8
200 OK 10 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (36590)
Hash 80f20a818e1e2de4cb081ee5cd480760
9b9738b1c27afab25842ffee09771a54e130cf41
429a6696b17195858e68b000cc4804d699935ffd6204cc69d519386a973f9b9b
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:22 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10312
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
200 OK 3.3 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (10725)
Hash 8c5a95ea30259ea6dc50f9f1357dc31a
be1fd6dc96f6ba018bbfa49a058390700ead5bf0
914c938c132cd311967ed71676397704bf8d95abf2c51c79937f43be35030a70
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.8.1 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3331
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8
200 OK 1.0 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8
IP
ASN #197216 Delta HighTech Ltd.
File type ASCII text, with very long lines (2577)
Hash f5c8273175207966436fe071db580974
643680fc9a1703cb3bc469bfbb3dbcbf6425e38a
8b0897055f6baa5de94adb95e824af4afd1dced496711c905c8b7c09738aa4de
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.4.8 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: application/javascript
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1023
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
200 OK 78 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP
ASN #197216 Delta HighTech Ltd.
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: font/woff2
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-length: 78196
date: Tue, 29 Nov 2022 01:17:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 455014
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 452595
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 17368, version 1.0\012- data
Hash abe083d96b58eb02ada8b7c30d7b09f2
61447d66d13a8c8f4335696777a85c438c46f749
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
GET /s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17368
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:56:18 GMT
expires: Thu, 23 Nov 2023 18:56:18 GMT
cache-control: public, max-age=31536000
age: 454865
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
200 OK 13 kB URL HTTP/2 dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
IP
ASN #197216 Delta HighTech Ltd.
File type Web Open Font Format (Version 2), TrueType, length 13276, version 331.-31261\012- data
Hash f0f8230116992e521526097a28f54066
0447c6b10bbf73f97b23dcfd6e6a48510822cb6e
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://dmgtrading.bg/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=5.15.3
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: font/woff2
last-modified: Mon, 13 Dec 2021 12:50:02 GMT
accept-ranges: bytes
content-length: 13276
date: Tue, 29 Nov 2022 01:17:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9644, version 1.0\012- data
Hash 6f112ec2b932ee12379442c42853244e
b2e73c8c70d6261e1d187f41693c43ac4fe0809d
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9644
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:41 GMT
expires: Thu, 23 Nov 2023 19:34:41 GMT
cache-control: public, max-age=31536000
age: 452562
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9576, version 1.0\012- data
Hash 9b9ec29522d1bf8924ccc2d917e1807b
1df345651c653bba476ab6b8546351ec7f4f018a
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:55:24 GMT
expires: Tue, 28 Nov 2023 21:55:24 GMT
cache-control: public, max-age=31536000
age: 12119
last-modified: Wed, 11 May 2022 19:24:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 452582
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:49 GMT
expires: Fri, 24 Nov 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 413854
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 472191
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 32860, version 1.0\012- data
Hash d010a9f2d5c7a0374b3b84706a43d2ec
c1fe465db08785c3f115555d39db23838960cb66
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 15:39:48 GMT
expires: Sat, 25 Nov 2023 15:39:48 GMT
cache-control: public, max-age=31536000
age: 293855
last-modified: Mon, 11 Jul 2022 19:12:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash 7b08b9e11fc6b8a8a1398b357e874144
4b5fb5790fae1c96655aaa7a426b697f5ab986d0
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:56 GMT
expires: Thu, 23 Nov 2023 19:34:56 GMT
cache-control: public, max-age=31536000
age: 452547
last-modified: Wed, 11 May 2022 19:24:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 21544, version 1.0\012- data
Hash d89cae5474ac4464b71bd3c51794cee6
ba9e55412727b5050e61bca6b288ff1b27ba548d
b6872478482ee5d74077229ed5a9dad8d6f15e3d34e8ad7ef2192dbc837e6693
GET /s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufJ5qW54A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dmgtrading.bg
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21544
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 07:00:51 GMT
expires: Fri, 24 Nov 2023 07:00:51 GMT
cache-control: public, max-age=31536000
age: 411392
last-modified: Mon, 11 Jul 2022 19:15:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 01:17:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-300x300.png
200 OK 29 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-300x300.png
IP
ASN #197216 Delta HighTech Ltd.
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash e9da64b681f2f0512a709b5ccabb40d4
3f266e83106dfaa8b0abfc64e334d62c069df15a
a43fb2b687fe49b381df0af478db08cf781659fbc48dc3cdac39c3b307b015f6
GET /wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-300x300.png HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: image/png
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-length: 28868
date: Tue, 29 Nov 2022 01:17:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-150x150.png
200 OK 12 kB URL HTTP/2 dmgtrading.bg/wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-150x150.png
IP
ASN #197216 Delta HighTech Ltd.
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash a079cc7f36bd77d060e0d83e7b544107
1882d48942ed6d3bb9927831ee285d975361ec97
eeadd8c41779fd3c77d069ef7d69d34c6762c7beb339bd63569c27ff2fd12842
GET /wp-content/uploads/2021/11/dmgtrading.bg-logo-512-512-150x150.png HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/Libby
Cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 01:17:23 GMT
content-type: image/png
last-modified: Mon, 13 Dec 2021 12:50:04 GMT
accept-ranges: bytes
content-length: 12442
date: Tue, 29 Nov 2022 01:17:23 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10502
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10502
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10502
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:17:24 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10502
Expires: Tue, 29 Nov 2022 04:12:26 GMT
Date: Tue, 29 Nov 2022 01:17:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ieDA8l_Up51cFaB9IExlSs8A5m-H77va1rCVF_WRMg_FN53Xakipuw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 12629
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c808183085a429c53515508678fc7ab2
6567069d9f5199205ba1ca7a937fcb0a52f95d06
c7ca95730cbc97d7c243e05b23520166faefcd2dfe90f36f70fad1f7e4537e4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69f1b665-d8ee-457c-8f1d-e696be0cdbf6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9162
x-amzn-requestid: f7fb3b99-6f1c-4ab3-9547-a337d54e8c9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVjI8E9poAMFaQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63854bd2-0679b83d1aa3b7c71aa6bf1c;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 00:01:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DVS-FTO93p2gjrvMYzKgNjZmrPxmUuiJHWLuZqOMZzJFwEcWJbW35Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 00:36:14 GMT
etag: "6567069d9f5199205ba1ca7a937fcb0a52f95d06"
content-type: image/jpeg
age: 2470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e44c46db2ac9917110dc47aa38fdc85
b5b245c90705ad80c31d457c0d7c96709ca31e96
5024225a583b188860eaf21f7196c06cef8b2e89389ae4b1df6e314399f3b2ae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad01b94-5d16-49b9-bf3e-5742e02ae8b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8796
x-amzn-requestid: 2eed036c-fcda-425b-8c5d-0b0ff31214a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEEWMIAMFwKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-5cb071a2098d43d909eb8d5c;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uWzs8gOBoczTeYXB7-FfJemWbh-hYHwNcR3b9BM5VtJ55NRUzCZeTQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:56:22 GMT
age: 37262
etag: "b5b245c90705ad80c31d457c0d7c96709ca31e96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg
200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b421b66a29c15df61049ef5d5f34bc2
f3c1297885fa2fd37557222d5490dfb0afed19ef
3c88aecb898378f0d070fe9e9733ac42b89b57349e8e9f51ffb0508b88821980
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa7a7fb1-8e53-47cc-bd1c-80ab0e8ecd59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3711
x-amzn-requestid: e9825e7e-0fa7-4165-9b59-f554a4bf1d6b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_dkuFKToAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c761e-7ebc3c3b480cdd94059616b7;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:11:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TQQiAdJwsSxsS2C-3y_SNOHPtiuPMKcfu-4Db4zlOjbHsTfRnHWl8Q==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 18:16:01 GMT
age: 25283
etag: "f3c1297885fa2fd37557222d5490dfb0afed19ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
200 OK 3.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06723cdab42df9b5334f540a8c7ebc60
3bbc44cb84a37ce6a067db4301dd81647a77c29f
9f6f064b16044c510650635690c61003fb2f6439021a2e681431136f5e7a08b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb99c22d6-3187-4d40-8281-7980c7988464.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3905
x-amzn-requestid: bf50db76-dd95-44fc-abbe-1a26a5559ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMFcYHE6IAMFmpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638182b5-50b6d010058c6cb75c05c6de;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 03:06:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qJi8Y13bwnYMJDH5WYNxMShIEZef1SYGdHsDY8_vJoPzwT0PhPr0hQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:10:04 GMT
age: 65240
etag: "3bbc44cb84a37ce6a067db4301dd81647a77c29f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d574c4db20a68295dbd06cb08f5990b
433061bbb226048765a711deca3026ee3e52372f
8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lzXj01ht9kpuwONgKM0xM0QRu8G9M9oX6rwYzv_Q_sI09Y3-RIVF-A==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 03:47:05 GMT
age: 77419
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=5.9.3
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=5.9.3
IP
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&subset=cyrillic&ver=5.9.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dmgtrading.bg/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 01:17:22 GMT
date: Tue, 29 Nov 2022 01:17:22 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dmgtrading.bg/Libby
404 Not Found 0 B IP
ASN #197216 Delta HighTech Ltd.
Analyzer Verdict Alert fortinet Malware
GET /Libby HTTP/1.1
Host: dmgtrading.bg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
set-cookie: super_session=42f82d939a0d86e5eed04e969e9a28cf%7C%7C1669686442%7C%7C1669686082; expires=Tue, 29-Nov-2022 01:47:22 GMT; Max-Age=1800; path=/; secure
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://dmgtrading.bg/wp-json/>; rel="https://api.w.org/"
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 01:17:22 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
79.98.104.3
93.184.220.29
34.102.187.140
23.36.76.226