r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4166
Expires: Tue, 07 Mar 2023 21:46:18 GMT
Date: Tue, 07 Mar 2023 20:36:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7989fc4a69327c765a7e4e68f46c169b
1f3e8e6e9e640c3d99ec52dc947b68fa9c1d335b
b15c98c58fae6a49e831bc0db617bedf8538bbfa011a84553debdcbe461433d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B15C98C58FAE6A49E831BC0DB617BEDF8538BBFA011A84553DEBDCBE461433D0"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6431
Expires: Tue, 07 Mar 2023 22:24:03 GMT
Date: Tue, 07 Mar 2023 20:36:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Mar 2023 20:13:34 GMT
content-type: application/json
age: 1398
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12472
Expires: Wed, 08 Mar 2023 00:04:44 GMT
Date: Tue, 07 Mar 2023 20:36:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qDCMwKam3b3/QL8JQjkDczr0SuZFdB7ZdCL36L9eWcxf5UXQoBH2Ien4eNDRfKtW7TssyMLwg98=
x-amz-request-id: PKG43KASMRD5F23B
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Mar 2023 20:17:42 GMT
age: 1150
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Mar 2023 20:36:52 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Retry-After, Alert, Content-Length, Backoff, ETag, Content-Type, Cache-Control, Last-Modified, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Mar 2023 20:03:41 GMT
age: 1991
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e40f37168f4abba1e0efa6ca4de1e709
731d36cf841f1b889d9dca71abf406a186325aed
a9d8a1030ec5e70745f085f90e35a4b8832956ff20bd6719f3dbe6dd7291fc05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9D8A1030EC5E70745F085F90E35A4B8832956FF20BD6719F3DBE6DD7291FC05"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7521
Expires: Tue, 07 Mar 2023 22:42:14 GMT
Date: Tue, 07 Mar 2023 20:36:53 GMT
Connection: keep-alive
push.services.mozilla.com/
54.213.114.144 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.213.114.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MYd1IFvfiPnqC+cSB0H7mg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FK5BbaEOV7esxdbtq7s5QUE4vgA=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13367
Expires: Wed, 08 Mar 2023 00:19:41 GMT
Date: Tue, 07 Mar 2023 20:36:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
34.120.237.76 200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e6edb15b0628347e7e7064affe077331
c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26
56c482b858cef1eb56a47dc54b298c31c2dd85cacdc748cea30b3d74a3cda99b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e3c14e5-22bb-45cb-88ea-f02e2c9a3090.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3359
x-amzn-requestid: c884d077-cb85-41c5-adcb-2baac3350d4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOuYHNJIAMFUig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065e5b-74ab80fe0f96e85957d1a0f3;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 5IlVoIIqNo7P0mzxWpDyuMF8xLoDQqldyINHPFIvnRmLoen0sce1tg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:09:51 GMT
etag: "c64ec1ad9bbbed800c3560cbdbe1631fbe5f9e26"
content-type: image/jpeg
age: 80823
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 0d9e542d11eb3e8eaf08c83e0d72ea74
3113bde9c7ab14701fc4dbc39eec955b30d70150
c677d4b6fc6cf9c120e4f1844cf4605aeb6c7902fdde34ae21258fbb64d0f79b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F854c41b2-cfb4-4762-9ada-143a1a51438c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8512
x-amzn-requestid: 9f7f00c0-dfb4-4b72-a4be-1a5f3c6f2401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYNhZHU4oAMFTsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065c6f-5b1f26a475702ce913902e66;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: SRN7vb7fldI_vjnuKgm6wXus67qkokYCVJBJXdCNeCQ7mfxRDKcqaQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 21:54:06 GMT
age: 81768
etag: "3113bde9c7ab14701fc4dbc39eec955b30d70150"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 7ec4f2da6f73f59d9a2493697cbaec8c
3513d0fa932a2cf6ec0cf948cfd6e9c67e450824
cbe6ab8f36271592c0febfa90fe92c88d96dce40197e66cb7c06470bf99eccde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd4d400fe-c6a9-4998-bd0c-22271ed5bede.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9515
x-amzn-requestid: b2c70ebf-087b-4adf-bc0d-d657586581cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A_J1hHdLoAMFQKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fc5689-632acdce4082512541dc8c1a;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 07:06:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DH-jkcare5_Lmpq_M188dxcLGdvvYb3mj98EAWqe5Z6YCnxff9Xw3w==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:38:34 GMT
age: 79100
etag: "3513d0fa932a2cf6ec0cf948cfd6e9c67e450824"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e4a8d319b1ada8f22e8a1874033aba2c
3afc8111b03b662e88e61f4991a20a90d7d4f973
fca961af0737a3f0caa3a8d5762a309b871f54d0c8bd0e6ab4efdee4cf2fa462
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac192c39-be71-4b23-af6f-d0922c402521.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6282
x-amzn-requestid: 7f17d7b2-eff8-4e36-a0b6-661862d08620
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BYOHQGtNIAMFp8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64065d61-18f0b0196b949829744dae4c;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: U0xw1_Kqlj1h5fIdhMFyxdB7mqMJRRx7ZpjFOo165GNmsiGruqLHmg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 1d000d0dfe9d69b4983f619fdc5499d6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 22:13:56 GMT
age: 80578
etag: "3afc8111b03b662e88e61f4991a20a90d7d4f973"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash c229e9be4ad878528d3be67e4c05e7b1
03da37d1ac086a0fe3c6415cc297a6a38659db46
13927a535230f45e8fe13412b7d5a3a63f253aca91ac8e4f0c78f1dab289d4d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3389a930-6e96-43f6-92b6-997fabeb27da.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: b14d1930-331a-4c89-8f32-13fd0107655a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BK_C1GAsIAMFqoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64011211-67b4ba2644683bba365394d5;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 21:16:01 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 7S23wJqg6X5oCo7wlR9S9Ol8Hm5WB0LsBmtyCCKEsYnJNtRXUbAsEQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 16:57:00 GMT
age: 13194
etag: "03da37d1ac086a0fe3c6415cc297a6a38659db46"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 28063b72ccbc658caa4705a87e7a4e12
35a9f5d55ffadd16548d61c99d59e426dd11ce21
a9a2c8104c6c8454eff30437c96b672e230b073623f33a67614fe4fa3ba0645d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e9d3719-c918-44cb-8546-6929c5bebc79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7235
x-amzn-requestid: 17b741c5-3911-46a5-b22d-17ef50381ad4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BWO15EPHIAMFx-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-640591bf-58dbdf76597432b9505f5805;Sampled=0
x-amzn-remapped-date: Mon, 06 Mar 2023 07:09:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: IYw6V_NejqrqRl4UmaUhYInv69UZcaqm8ytploOryAw3Gz4jyJNbdQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b618c0f73dc30c968057784ed0185d7a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 05:13:26 GMT
age: 55408
etag: "35a9f5d55ffadd16548d61c99d59e426dd11ce21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.biancogroup.co.uk/
131.153.19.250 301 Moved Permanently 0 B IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 Mar 2023 20:36:52 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
X-Redirect-By: WordPress
Set-Cookie: PHPSESSID=9f1f73ff0fb44e050ba124310895acdf; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://biancogroup.co.uk/
Vary: Accept-Encoding
Content-Length: 0
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8
biancogroup.co.uk/
131.153.19.250 200 OK 14 kB IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash d90b7c4db9f2830ccb02fe7cdb273338
15864f89b5812fa4951b37c1922cb71a219cf936
7c9e52b58ec4e7293957a5530e52352188b905e70efef2001fee5a1a1fea20ad
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://biancogroup.co.uk/wp-json/>; rel="https://api.w.org/", <https://biancogroup.co.uk/wp-json/wp/v2/pages/1821>; rel="alternate"; type="application/json", <https://biancogroup.co.uk/>; rel=shortlink
set-cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1; path=/
vary: Accept-Encoding
content-encoding: br
content-length: 13599
content-type: text/html; charset=UTF-8
date: Tue, 07 Mar 2023 20:36:55 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/css/classic-themes.min.css?ver=1
131.153.19.250 200 OK 145 B URL HTTP/2 biancogroup.co.uk/wp-includes/css/classic-themes.min.css?ver=1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash 2dfb9ddeabe846b150087876ceb22a74
c9e3350631e53855d04d6dce360a675c84b3131d
26ef5cb63a695419cf11c79a759b46c5568df3716e4f1d36e7612b3695d5b554
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 145
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
131.153.19.250 200 OK 12 kB URL HTTP/2 biancogroup.co.uk/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (47826)
Hash 5e3752655a7a33c049db06c0edf386e6
573c51b0de413f30a220c9261506635f9daf2b81
d6571c641370e9bb83b25b5a493fca6ae3109ae384f7a8a9507ccdfb9067627d
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11590
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant-x/style.css?ver=1.0.1
131.153.19.250 200 OK 1.7 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant-x/style.css?ver=1.0.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (462)
Hash f4889f5895fcaa0f080c947439d190be
592bc2dcf50fa7fc453eb5473a18fceff27f6a70
5260f0629cc4d3787d82bb918927ca37b413064837ac2e1ed588c2cb5661a7f3
GET /wp-content/themes/avant-x/style.css?ver=1.0.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 16:48:58 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1731
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/css/dashicons.min.css?ver=6.1.1
131.153.19.250 200 OK 35 kB URL HTTP/2 biancogroup.co.uk/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (58981)
Hash 7fbcc041be6ad8d6c01df3697646add7
cd0d65c3a45063f698a57cc71a8ee2ddd55514d6
0711b72619b3527b17a64dfb69e3141e29d3aae5d1a02c8bf9c06b710d30f900
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 35109
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/templates/footer/css/footer-standard.css?ver=10.4.9
131.153.19.250 200 OK 495 B URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/templates/footer/css/footer-standard.css?ver=10.4.9
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash 0ce36d35d04729d376f7aea4dab68857
aae7268783e11dba72ceb7e251a32bef8c372c65
0a8edc10f79256b53033f730be7b71dec266d05f5d5c817952aa43d623c11da9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/templates/footer/css/footer-standard.css?ver=10.4.9 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 495
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/css/all.min.css?ver=5.15.3
131.153.19.250 200 OK 12 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/css/all.min.css?ver=5.15.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (59158)
Hash 36f8306cbf415fee13ccb0186f46417f
aed73d1c99dedfcbde827a1d3465bf4ba36f4ba7
c6fe0b32fb706ba1ee0888de8b7927e8012b6c3be14d7388b16ff6c18c0f34be
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/includes/font-awesome/css/all.min.css?ver=5.15.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 12402
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/includes/basic-slider/css/style.css?ver=10.4.9
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/includes/basic-slider/css/style.css?ver=10.4.9
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash d70276579efe25e7dfff0e589fdb1032
038f7cbfb3decbb5c2fabf6a33c672fcc0decfa4
49cde147bbaa6eec7c02548f223a7611a373fef183c07f86caa6cb971b5c936c
GET /wp-content/themes/avant/includes/basic-slider/css/style.css?ver=10.4.9 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1750
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/includes/css/woocommerce.css?ver=10.4.9
131.153.19.250 200 OK 4.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/includes/css/woocommerce.css?ver=10.4.9
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash 23a21eeebc683ef15080be71fada06fc
aa557d2dd6600ddd50c30fd90f8399ddcf4b5673
6c0a5d03ffdaab47e2a219242bb8358a5b992a21ac20f8ca0ec2ec60aaf0a668
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/includes/css/woocommerce.css?ver=10.4.9 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4148
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/style.css?ver=1.0.1
131.153.19.250 200 OK 14 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/style.css?ver=1.0.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (892)
Hash 768b6e77bf53b0e9f4d59eb20b7a8341
231430e500b5775335f0d970d6ed7156b72718c7
01cbc4e0d24df361e1065264eebc547bdce723a014640e49ce0b2dce205e335b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/style.css?ver=1.0.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 13613
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (10435), with no line terminators
Hash b57483a41b1307bfb9b4a16f41e82a5a
177aa6fba2821a81558ae1387edb66f7b8ca7a35
3ad186001e1c6d7fb610e5486ccd4950c5464328e525cd603a6cdffa216a0b07
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.9.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1754
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.2.2
131.153.19.250 200 OK 2.3 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (17809), with no line terminators
Hash 728b3627ff8d1e1e31f8c48d8f114dd3
cba1c0a73141da181b90e3c82f0f4353277aeda9
8de326a758d4afb800629c072b13c32d377aa8b3487a5cec9d3bf14d3f973fbc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2330
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.3
131.153.19.250 200 OK 5.0 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash 0ffae7cbdf2a71687b0abae209bc0ea2
db4c56017880e1fb44e36704231e7c32fe875cf5
d4fa3da26659d8aacdaa231aa43dec0a0bd62a351a9ec4c04449ff6832565e61
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-ii.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5033
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.2.2
131.153.19.250 200 OK 8.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (62781), with no line terminators
Hash d1bc92a9ed6e248707811a2dd1163820
90f7cd63e4a3df1a5ec0f815d7567be8ca8f64db
812cf3d5aa50d66e01714aef31ebff63395355566f977b2c8fd53e04c831519a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8445
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.3
131.153.19.250 200 OK 647 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type troff or preprocessor input, ASCII text, with CRLF line terminators
Hash 0f322272e06cc5ed5d64b83b7dba5cc0
9e70bbd23ebf51e1514fee65d8e902a068c62cce
413d3cc94ffa44b4b7db6fcd98f54012efbcfa5081002d50fdb3591154a75d8d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.time.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 647
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.3
131.153.19.250 200 OK 2.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash e09d9f8718ae8efe4871bb502ce3d605
135e297742e3cacbeb6984d469cae1199003ed39
8598ad4c6fb963dd72a4972e3ca16d98e7bd640798c5248d1ce204db6c61f62c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-profile.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2056
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.3
131.153.19.250 200 OK 1.7 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash 8ef720ba46dd35f93ee7f5d006f73fc8
3097628560b07e1bcd09afa178478f95b050c2ba
d8b908c17aa11471ddd2d48ed5f81c0e577e6d03ec9617cdf36e398837146eab
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-responsive.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1710
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.3
131.153.19.250 200 OK 1.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type troff or preprocessor input, ASCII text, with CRLF line terminators
Hash 0b9264a8a6d49c0429d2a3816976f654
578c75bc19d63d6febdad81d26d7d7ee8f7c0fb2
83a3b30c76a6d0728e7196578c158758d713bfd889d49c4db81b3a2b98c696cd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.date.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1145
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.2
131.153.19.250 200 OK 4.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (11348)
Hash 5289a5df8ffbc9b9a6402d7da7a916f3
ab3f33f5d5d357930450baf1e18425f05ad3cbb5
eea06e58a5094eaddc2a017c15a7647abab014ae031334177fb5fb22c67ee391
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4416
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.3
131.153.19.250 200 OK 1.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (2653), with no line terminators
Hash f85522f4261c5181bb5563759439cdf3
20ceda2cbe2d3c6f2d8441fdc9eda4de7d467ca6
92696336e9160145e8363bb10ab4673e0282f93078f5889d56b70ff04c577509
GET /wp-content/plugins/ultimate-member/assets/js/um-gdpr.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1364
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash a711257021c384fe40f903b5d28b5bb1
525afbdf370abc82ae2018f8cf0250fd41cdbc98
c94d2a079ffb9694c4217d7403a6686010045e96b0ab022f2227b7f881d3148a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 20:36:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (14965), with CRLF line terminators
Hash ca9bd5a6d1d7455f357642c441fe980c
b18699db084e2c9112a9e36110e71162c7195e38
c1e134da3e657d147216392412a553c7eb9deb0c775021ed2936d830c34c1212
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/select2/select2.min.css?ver=4.0.13 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1806
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
131.153.19.250 200 OK 967 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (5334), with no line terminators
Hash 050f4399b923fe44e444e9bf69d6a89c
49e37e8a04ee63380e587c7537be047a739d2363
7e732caa979b3a56fa4b0bcf54f2be6a19a340719791265e95cd193e84ad1ed5
GET /wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 17:37:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 967
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.3
131.153.19.250 200 OK 2.3 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (7514), with no line terminators
Hash 9028194bf2cdef1421c6ba7333ed0339
4c2369054fff04b6ff4fd91894bf24ea41ba0eea
e251f9be8148550b2a6b6c7bf4d5d9e43f8c8699cb55fb2cdbd8b0fe51d6a790
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-modal.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2305
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/templates/header/css/header-three.css?ver=1.0.1
131.153.19.250 200 OK 2.7 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/templates/header/css/header-three.css?ver=1.0.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash eb2d8c3cc6937ab5998759e672be7a64
b131d8f7c17dda4eae5530185528385dfb8f5030
ad749e073a8e063f39a15f4ce0aac4641737972ae475c98468d567c8441153ce
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/templates/header/css/header-three.css?ver=1.0.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2681
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.5
131.153.19.250 200 OK 3.2 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.5
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type C source, ASCII text, with very long lines (10987), with no line terminators
Hash a2989906f6b6e7b93af4b0642eb7b73f
14165aaec5a21dc408bc8184efd5e42dcc07e7cc
414aaaf34c652cd805a63c8f5a09b5863194689d9402116cb92e5fa3fd327eeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.5 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Jan 2023 17:37:28 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3173
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.3
131.153.19.250 200 OK 1.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type troff or preprocessor input, Unicode text, UTF-8 text, with CRLF line terminators
Hash 2c89a55c40b1afa1f7593043d27797e9
8ed17c60257a21d5783921110bc23dd5cbbfaa58
02e6b41b3b0655a1a398804be38ea0384a38159c421a889b8f3a005b08079bda
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/pickadate/default.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1080
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.3
131.153.19.250 200 OK 830 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash c86880aa2357bb9443621053d8237071
2b47f29c7d4f509764aa9c3b2b2123d2c37ea221
c3d7d3022295114faef476bfb7d933983e1d7e86413e5fee4345c51ef16d95e8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-modal.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 830
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.3
131.153.19.250 200 OK 1.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type CSV text\012- troff or preprocessor input, ASCII text, with CRLF line terminators
Hash eacc359d760ea7a5e62deca5964eac60
33c53a78c70564a88a0e94d4f507e57c723bc38d
31405764c10f7ec23f8e1e506e4452e877f1e44b3eb3fb863355968043903a4c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-old-default.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1087
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.3
131.153.19.250 200 OK 1.0 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash 5ba5ef87c51ed8283d9fc98b9e0b0af4
137d0f67d3481fff13c985088c486218d358dc57
1422dc6bb21469f998b661f31df616f40b119d463732601e4eaa583906cb7111
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-account.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1033
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.3
131.153.19.250 200 OK 441 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash fc95780861ae86097dbd871700e77621
2b619d5245a3bb06e8bb89b993551f674c2549b7
6e35f47a8b7b86fac3fa084542c525613f55e183d3a528622dd374f25ce78be4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-tipsy.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 441
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.3
131.153.19.250 200 OK 888 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash 9a2fbad62f15fedd0e2814f9b4286be8
c81d26462d6e510521e753cc391293ca3130c562
ffd7f5ef658e8e97835e42eb150fbc48f601f788d105e8f6a8370a5b7158f33f
GET /wp-content/plugins/ultimate-member/assets/css/simplebar.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 888
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.3
131.153.19.250 200 OK 846 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type troff or preprocessor input, ASCII text, with CRLF line terminators
Hash d9761e0e2348e4d76733bb6cb879d9e9
14e06660486952ae9c22b74d64e5271d32dc0e41
dc13a34b33801798a74b72a545e41dea9ff51d05ea68c77816c65f63061787ad
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-fileupload.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 846
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.3
131.153.19.250 200 OK 392 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash f286445c1419685b52680fffbc474f78
24872ab18e1dd6ebcdcd74854588bac55d8bbb7c
5041d98f1b3748d8e40d133d9950a17ee9d0fba2d2c38f830c999390f23440ec
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-raty.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 392
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.3
131.153.19.250 200 OK 630 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash bf557cbc0bac63bf1fd8a921ab8651a2
3555424e222092a6fa2cc008ab0c321d9842b334
10d6253ae3ecb503a0e5748f3db11fbb673bfdc9ea5f5d300fd33c31f7b49bba
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-misc.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 630
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.3
131.153.19.250 200 OK 4.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type troff or preprocessor input, ASCII text, with CRLF line terminators
Hash 6c8db1ee7ac2871748202f4065a909c6
d1eefe3086ff9f7173e2c0c23b7566f32c473230
9a44e734781a67bfeae3b7061dbe8e72076d91d732c56094a3ded84c551dc973
GET /wp-content/plugins/ultimate-member/assets/css/um-styles.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4144
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
131.153.19.250 200 OK 22 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash 02cf612ec4ae77b6cbf524f36559c745
dcebbff76b3f4c59422c2de56d3b6f4e4fa61c99
20140d3281e0d7ab20516614a7f7776eb563f2864ef936e31dae369fc377514c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.9.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 22196
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.3
131.153.19.250 200 OK 4.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash 2079f8cb83c08b082d9aeabc1b629af4
55918c7ef446f584eb152b6a358b35a44b8c8452
15feb6af4f49e51d6cbde64d3b73ba0749a5e602c8efb194a2fed40471637636
GET /wp-content/plugins/ultimate-member/assets/css/um-fonticons-fa.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4422
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price.min.js?ver=1.0.7
131.153.19.250 200 OK 1.5 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price.min.js?ver=1.0.7
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (3202), with no line terminators
Hash b358a7f1b09929678ada5bbdcb9104de
dbec7640288711b015a1334f1152735b398b96c1
e23c66afba51a8cea3b6e47b2d08c9787189a6a96f58bd2f92c7df63c27f09a9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price.min.js?ver=1.0.7 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:10:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1455
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price_until_login.min.js?ver=1.0.7
131.153.19.250 200 OK 2.0 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price_until_login.min.js?ver=1.0.7
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (6383), with no line terminators
Hash dda0013a3219b3bc3ca6500b21e0f621
b8a0025a35f530803764c50fce17e25e3ff4a4a9
0baf797e2c6e893fa95c39b7d3eec93a26bc665f8036b8298a7474b2448b6e5d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/hide-price-until-login/assets/js/ced_hide_price_until_login.min.js?ver=1.0.7 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:10:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2040
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/css/pop_up.css?ver=6.1.1
131.153.19.250 200 OK 576 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/hide-price-until-login/assets/css/pop_up.css?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash e30808dd2a60c043e67cd79238dadced
64a50e1828283313546b0f350b1118ebdb47bc2b
6dfc2d9bd38bdc73851a62255d60cdf277313e1041d492f92d7e66def41039f7
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/hide-price-until-login/assets/css/pop_up.css?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:10:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 576
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.3
131.153.19.250 200 OK 855 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with CRLF line terminators
Hash c92fe0c5974638d49239eb55f795d4b3
9cc38d86e20cd61e734d211df119bc26506d9e62
8bd710ab3cd3cf7a25e3790d3d4ba78d3053bfc13cfa85c75f1994a2108e2c72
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/css/um-crop.css?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 855
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.2
131.153.19.250 200 OK 2.0 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (3905)
Hash 19ccd9586db038c4fedfcd857e59b34e
b9c402d08bfca00c1b64ce3004470983101fbb8d
adc2dc2dd1b1e9000597e7d53c86bf6a11d2f07fa07a920aae4fa8e283f0a0cf
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2044
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.2
131.153.19.250 200 OK 2.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type HTML document, ASCII text, with very long lines (5266), with no line terminators
Hash 18c3ed3ba50d38a6f58437b09e0063f6
21db1f66be62f0ceda3668cc2189112116fa0599
46ef2f832b658f4ed6f510e9df57f36ef4add611a6bc4a93fcf20478403b2029
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2140
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.2
131.153.19.250 200 OK 2.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (5175), with no line terminators
Hash 97f77a460ae2b8c03488c8f87f86ae70
8970197ccd950ef4a407c5ee62d80b35ca948ce5
3e58087a6d4ccdd10ef4ef85fe58f8a5e3e02aa024c9832a23e8b013c2f45b00
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2096
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.2
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (4376), with no line terminators
Hash acfc94e8bb2b3e985f7507a4f210f07b
321b3cb04d43909f16ae920d4cb31b14311b010c
0d9f430274ccfc07ee9fbfa4469db750fb7ce01884b44a28c11deb0895b92f3c
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1842
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.3
131.153.19.250 200 OK 2.0 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type HTML document, ASCII text, with very long lines (5016), with no line terminators
Hash afc07e79fc18e350ca5a9d2d8b82d114
eccaf2893121da617752dddde15568c858a53e2a
7023ff865054cdf2b4e779dff0e70d0fe425fa9b5062840d372290930b498610
GET /wp-content/plugins/ultimate-member/assets/js/um-profile.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2023
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.3
131.153.19.250 200 OK 4.6 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (16837), with no line terminators
Hash 6dd4748d05c7a612e6c6f16645b8ee25
d2d86117288650a5e0bda1f6b7f2b8fa81fbacaa
f7ddfc3a400f95e5620a4c0d30ae8a519464d37c763de700dee8100ab5c013da
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-functions.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4554
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.3
131.153.19.250 200 OK 10 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (2237), with CRLF line terminators
Hash 6f76914879b13bc113b0acc6264ea2ad
e799682d8df0842ebb1158ece64bdcc07ced8b68
8ccdcaf15bf4974a4cee42fa97764f31b1185c13b4ece2415bc99ebfcb2dc8a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 10268
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.3
131.153.19.250 200 OK 4.2 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (14640), with no line terminators
Hash 490b06b93777544542585b0509ed4b60
360ab03e77ddc80893b89d4d16a6a1ca3394d31a
4bd0fff673af7ef77ce22c2c8f405d526570ef232a57732e2a226065ca7811ee
GET /wp-content/plugins/ultimate-member/assets/js/um-scripts.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4238
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.3
131.153.19.250 200 OK 6.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (16822), with no line terminators
Hash c34265a6a8d9ab953c0edd262757f7de
0ba2e3d68335d1c7a461c116d62efbdcf44128f5
31e704f0babb1cb701d27f8878eb5feff8c67b4ff7be06f19201bc65cc70c090
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-jquery-form.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6403
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.3
131.153.19.250 200 OK 1.3 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (2458), with no line terminators
Hash b1ca870878528da8602f41350516bdf6
5d282d689e77c87e32e1a038ffd10307f83b0c39
9e62c7171ea1666d945491dadce3ece558b7a05e9618ec9eb310c15b54940bea
GET /wp-content/plugins/ultimate-member/assets/js/um-responsive.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1264
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.3
131.153.19.250 200 OK 2.6 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (6603), with no line terminators
Hash 693228efca60313b01b56ef5735d29d6
e3f93e2cf31e25420ff778d0cf3d6138a46b5f5d
0691744663520414fb73b2998cd461af1bbe748cebfb4416f2bbdf55a132140a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-tipsy.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2621
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.3
131.153.19.250 200 OK 3.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (11969), with no line terminators
Hash 8c7c12576b1efe367c26141124c060fa
ef873505f63e14e1f08a8de74a885d7b12ed1405
0bce9ca1c8f48d302a7a210b4a192b33887b712f2d3349d9ac6b2df94a3cabd2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-conditional.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3372
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.3
131.153.19.250 200 OK 12 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (2237), with CRLF line terminators
Hash 2834fc1d5df916d090c670104e55526c
c813ce3809a8ed3743f03d103951e531b0cf1de5
8d5be98d06727e5be2c3928a0d714d5a2162e747a4fe35b652b8267343fd615a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.date.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 11606
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&ver=10.4.9
142.250.74.106 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&ver=10.4.9
IP 142.250.74.106:0
Hash 598fd15eeccc00fc290af5f2f217cb8b
362b2b4f3416e436ce7727cd024b5d95aba81ac6
7cdd5388d1da65012fb038111605bc0731280c16652164b4fea0d5eeb46dfe8d
GET /css?family=Open+Sans&ver=10.4.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 20:36:58 GMT
date: Tue, 07 Mar 2023 20:36:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.3
131.153.19.250 200 OK 14 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (46564), with no line terminators
Hash f56ac7685deef2705441df6ac71c6082
1a8b3afb46b37690fb035dff459f38c08bbc1f70
8e9d235ec4d0fad1e363aba6e6ecf70b2891e72a41285ed06a144216a71ea08d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/simplebar.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 14147
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.3
131.153.19.250 200 OK 4.4 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (9639), with CRLF line terminators
Hash b8194f3e332a5ac6564a5d157f5269c7
66f879855ce19f4c34e94a75a875e187d45583ca
f55658961b5b615c686bb6f93648ce0a167ae7a08273058799a551d8e5168d46
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/um-fileupload.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4368
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/10/cupola-mosaic-300x300.jpg
131.153.19.250 200 OK 15 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/10/cupola-mosaic-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash e84da87479b6e0c3d28197c266153b56
afb20c3acc390eb65adc977713d6dfa565537680
e7561e8d2bdfc633609c1fa8d57618f1ec4e829d82aa5840f6464e7c8097f2a4
GET /wp-content/uploads/2018/10/cupola-mosaic-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:33:01 GMT
accept-ranges: bytes
content-length: 14879
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/10/FILTRO6-300x300.jpg
131.153.19.250 200 OK 16 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/10/FILTRO6-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=800, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=800], baseline, precision 8, 300x300, components 3\012- data
Hash e6d185c22ad1a191c6650b8e50183c88
053bffa05c504b7f92cc587284d681a08dc8d581
350f5993db1627a0e1b02329ea4a28e006552c2eae65824e76f3c9ae307bbca5
GET /wp-content/uploads/2018/10/FILTRO6-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:32:53 GMT
accept-ranges: bytes
content-length: 16237
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/04/FGR110_CM-V-300x300.jpg
131.153.19.250 200 OK 14 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/04/FGR110_CM-V-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 7e43b6360b24c7480e266a7cfbc2ce22
d79b7a2d6d8bb0a586c9d6602268bcc4b59db2b0
17cb16e97347a29e26c99cff579235e7007b6f84493983ff886505c47198deee
GET /wp-content/uploads/2018/04/FGR110_CM-V-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:03:24 GMT
accept-ranges: bytes
content-length: 14143
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/04/fm_110_cm_800x800px-1-300x300.jpg
131.153.19.250 200 OK 13 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/04/fm_110_cm_800x800px-1-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c151b674413b1df1428880d22237a0ae
a7f824d580851dc4b780eb4d670c31ac64229458
91dab2b141672439b39f3cd3d9e30f593ec81fcb7b82ec0cbb48e2fde2251773
GET /wp-content/uploads/2018/04/fm_110_cm_800x800px-1-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 16:56:34 GMT
accept-ranges: bytes
content-length: 12863
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
131.153.19.250 200 OK 2.7 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (7112)
Hash c0a5921e9318b0660f2810563cc7d26d
ea77e0f764096fe4cfe51cc5d15da6c3b09d5c3c
caf7d5f1058545378e34f3eedba3d4839f6af219705f7e1fa439638cdf9aa0c2
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2749
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
131.153.19.250 200 OK 4.9 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Hash 2d7779f9e4924f375c44e4a483cdf7d4
d0f0e12752ce8b0644d01b46ce5565a717ee7b1d
535ffdca31873f6bbf0c54a7a8721c3e3d244b495be96b09f4bf91f30016eac1
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4890
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
131.153.19.250 200 OK 5.2 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (11126)
Hash bbc3097ec1d53f6d7a726d5d6bcf4bad
44256e2cce3eed30c1586be5d0f20400080e98e2
587f644f90049c8b873ae08f4278a15998d17d55ff3b5f10af6d399be05b0878
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5180
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
131.153.19.250 200 OK 3.5 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (8712), with no line terminators
Hash 8ec95cb2a0223bd92571729cae7079bb
48fb65e26e025402f9d388efda9783470fe6a663
77201b5bc36ec113492b3c0e66cd9d8ded7aae02db16081535e836f211e02916
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 3542
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
131.153.19.250 200 OK 7.5 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (20056), with no line terminators
Hash 2396edc6a288d82c8460392f0307c99f
d6dcf7d1e48543e4a96b3ed143797bd6de0ce1c8
57dc7a51bba2b8b6a4a46b4334a1922e3939437d9337e93ccd4810acf7a2a5cb
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 7518
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
131.153.19.250 200 OK 32 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (65447)
Hash 6d5016d4f1156e478b166c91acfffc0a
f4327df0d7a2dae8d978ea09ba127c9a87f2cdd7
5a949cb853aec9e870e0f15f4cfb33ca526a83687d31c6061c6231c803d9fcc3
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 31545
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.3
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (5049), with no line terminators
Hash 9dbac909236884a87049e4f592581768
3e7064014634e338dc12bfb604359e4eae67313a
0d5c3f5d6340832fa9990162f25b51e63f9d830b653f61641cc9d5531f8a39bf
GET /wp-content/plugins/ultimate-member/assets/js/um-account.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1824
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.3
131.153.19.250 200 OK 4.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (11371), with no line terminators
Hash e9d357fd07441bcc9b7e1439b83358ef
73d3241da408c47c191d70f1c029abd549456e9a
d897c16d25b15bb312de20eb2c24c252c3ff17843b9b0e6ee0503191e05ba427
GET /wp-content/plugins/ultimate-member/assets/js/um-raty.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 4127
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.3
131.153.19.250 200 OK 6.6 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (19268), with no line terminators
Hash 9f31bc2752248c023e3f981970502915
703dd0b1bbbc27f6b87b771c228cb188b7ac9223
bf59cc8d475a99f7b73e3fe6cf5d71c8f79fd84488f6483286d2a2a0da00c687
GET /wp-content/plugins/ultimate-member/assets/js/um-crop.min.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6553
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/05/biancogroup_2.png
131.153.19.250 200 OK 9.6 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/05/biancogroup_2.png
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type PNG image data, 409 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 42163874b15db683b8a3084000eabd58
b9965b2f66dfede95d55ac8b6934dd0028148ec2
de0cf899cb3db245276facbeac248ed5041161024d39eec9b3e20c714494afa1
GET /wp-content/uploads/2018/05/biancogroup_2.png HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:19:19 GMT
accept-ranges: bytes
content-length: 9630
content-type: image/png
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/04/FGRi100-CM-V-300x300.jpg
131.153.19.250 200 OK 14 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/04/FGRi100-CM-V-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c03e923840bd57a9ab755e6915394106
909bfea202c2c400c09c1175b24e71a35a79130e
d0cafca1661f3e3cea5fe5ac3ea1c22486c84f682e3df19c14002e71b102bd13
GET /wp-content/uploads/2018/04/FGRi100-CM-V-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:06:44 GMT
accept-ranges: bytes
content-length: 13451
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/masonry.min.js?ver=4.2.2
131.153.19.250 200 OK 8.3 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/masonry.min.js?ver=4.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (26203)
Hash c34e27dc636894be74051e462410fefb
7e152f37fb05d9ccfb3472e00de8335716edc0c0
767f76160595a916c5d28fbee3c6ef79648f0ab139ace8ee477b1f9557f58677
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8324
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/04/FRV100_SCM-2-300x300.jpg
131.153.19.250 200 OK 9.7 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/04/FRV100_SCM-2-300x300.jpg
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash f108c93e35e1652b9071133c55f8f635
1c4df045b79d3ece1ca774eec599b1fd30029304
75ed6fa7dd0c672ad114371c173cf92f8cec2b3a9c49bd494f82ce37d00efbdc
GET /wp-content/uploads/2018/04/FRV100_SCM-2-300x300.jpg HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:10:18 GMT
accept-ranges: bytes
content-length: 9748
content-type: image/jpeg
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/underscore.min.js?ver=1.13.4
131.153.19.250 200 OK 8.4 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/underscore.min.js?ver=1.13.4
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (21035)
Hash 84435a71c9621bfe3b96189ccf3db610
580a4ad78a91a8a96a3cbcd64c54156dbf71f7f1
66e1d75d15e734266edd26ffa65aa6087bd0b92316889c28447aed31ae85c6bc
GET /wp-includes/js/underscore.min.js?ver=1.13.4 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8360
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (3863)
Hash ab0d2cb32c39ded9f54e61210e98033d
4a9b90e4d5ad2d06d8c5b012b3b88182cc6aefe9
e31be397ea90bfd119d2864a6907baa9f214af17cdc4e36fddcf1bb95b9d52f2
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1786
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/hoverIntent.min.js?ver=1.10.2
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (3701)
Hash 977bc0dd914649662262faf90905407e
d7ddbdb27504dfc8d300dd0093f108daf65e7a9e
2577ecdfbef638fc6c1bc5a59092d2fae865f4c7dd601c50aa025cf70f46add5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1819
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/wp-util.min.js?ver=6.1.1
131.153.19.250 200 OK 1.8 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/wp-util.min.js?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (3628)
Hash 1cfb9288ff0ac5fcbe01657d8e706ee1
26e3b7bb646ae774257cbacb4eb95a1442203cda
b241f23a462e526c3e569cbb04198529e6c8f893f29604fe8dac8b6cdf8707ef
GET /wp-includes/js/wp-util.min.js?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1848
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
131.153.19.250 200 OK 5.8 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (15660)
Hash dd7c6f24d437253dbdbb7aa723c1b327
74dac351646a7d125ab7b21e478e3044a95cfdf0
3366ed8dd67a15b5b8ea002e1bac85d74743c677eba5d7831c50a8451aece509
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5781
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-includes/js/imagesloaded.min.js?ver=4.1.4
131.153.19.250 200 OK 2.9 kB URL HTTP/2 biancogroup.co.uk/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (7714)
Hash fb60681f0fa9f5c452a2be197cfe6bd9
5193bb46200371cff635e59b4a6db7e7cfbb9f63
c79f9a23fa8f230a7e0c7e83dca4f67ad78629ef35bddda931cf418ea671f208
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 06:43:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 2901
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
131.153.19.250 200 OK 22 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Unicode text, UTF-8 text, with very long lines (64130), with CRLF line terminators
Hash 48ed3412b51129967d42df0ad77bc4e3
be3518477e196439bf6de8e831ce83a026a7b430
3ee9b59081d3c6a13b6cb2fe84b304c8b00c10405ce7c4937ab549a317933153
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/select2/select2.full.min.js?ver=4.0.13 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 21717
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
131.153.19.250 200 OK 5.9 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (2250)
Hash a6a61d7d6fa586e39dca319e7a732e1a
5e9e2d47d4a357e7c5b2c5fa1ea12d133931e739
fc3ed7dc9a2d0afa01453c85f97c31f77450130ae89829d58e1456082c6c8a7d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.0 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Dec 2022 10:10:17 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 5895
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
131.153.19.250 200 OK 1.5 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (2237)
Hash 075b2f646c51d6a92b1363b98d21b6a4
933acf5aa39c11c91033a9dec124c7a38f9311c3
5093e54defb0995e190b4f134faa71f10b199cbc3b54b2e396f96ab9d7d55824
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/vendors/woocommerce-add-to-cart.js?ver=6.9.0 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Apr 2022 15:00:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1480
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
131.153.19.250 200 OK 6.6 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (22333)
Hash b750fdb41ac29dc606f6890f87e8ce60
3e51e976e57d64841ec9842fbcc9469f4d3ebfe9
eb7dd4318dd515b3ac9834a5ec8afb2f5e1d0291344a95773dc370f628e95bd4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.9.0 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 06 Apr 2022 15:01:34 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 6648
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.2.2
131.153.19.250 200 OK 1.1 kB URL HTTP/2 biancogroup.co.uk/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.2.2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (7043), with no line terminators
Hash 6ce9bf4422a44c59710ea0b8837cda3d
a501bffff6fbbb3554f44ea34875c6ba7c2ae74f
0533b7d3cf69861e97421b13f8708e6d71e315eefbcba73a87c532af4d16e080
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.2.2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Dec 2022 07:17:53 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 1061
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/webfonts/fa-solid-900.woff2
131.153.19.250 200 OK 78 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/webfonts/fa-solid-900.woff2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/includes/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/css/all.min.css?ver=5.15.3
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
content-length: 78196
vary: Accept-Encoding
content-type: font/woff2
date: Tue, 07 Mar 2023 20:36:59 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/webfonts/fa-brands-400.woff2
131.153.19.250 200 OK 77 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/webfonts/fa-brands-400.woff2
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/includes/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://biancogroup.co.uk/wp-content/themes/avant/includes/font-awesome/css/all.min.css?ver=5.15.3
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Jul 2022 11:20:34 GMT
accept-ranges: bytes
content-length: 76764
vary: Accept-Encoding
content-type: font/woff2
date: Tue, 07 Mar 2023 20:36:59 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f459fb7a2b63ee8fe069cc3ca2c30698
e229ec279571252d7f81dcb566ab8cada94fb740
426dbbb9f13c51b087d16370185342a6b4ada10c2a89b7418b37963cf555adc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 20:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f459fb7a2b63ee8fe069cc3ca2c30698
e229ec279571252d7f81dcb566ab8cada94fb740
426dbbb9f13c51b087d16370185342a6b4ada10c2a89b7418b37963cf555adc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 20:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Poppins&ver=10.4.9
142.250.74.106 200 OK 32 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins&ver=10.4.9
IP 142.250.74.106:0
Hash a600ca9a85e5b0f5a7f3ff0a884679d8
421c3329ad3d9ab722320a80589dd465ba0b6665
8c28ae9a391cc291d9f230365e200dc352906ccf0cfd19f5eac82c92d3e1846b
GET /css?family=Poppins&ver=10.4.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 20:36:58 GMT
date: Tue, 07 Mar 2023 20:36:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0
131.153.19.250 200 OK 47 kB URL HTTP/2 biancogroup.co.uk/wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type ASCII text, with very long lines (684), with CRLF line terminators
Hash 69aec2e15490adf16054e26224118e1a
ced24496881dad1deff57a061883a3e2393b8ac9
f1db8cf86b9395cc132bd9e8b49630b146cb43c8a50f0f32b51a594ebcfbb86f
GET /wp-content/uploads/js_composer/js_composer_front_custom.css?ver=6.9.0 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 16:50:43 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/css
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.227 200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://biancogroup.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 00:54:37 GMT
expires: Fri, 01 Mar 2024 00:54:37 GMT
cache-control: public, max-age=31536000
age: 502942
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227 200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://biancogroup.co.uk
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Mar 2023 00:48:44 GMT
expires: Tue, 05 Mar 2024 00:48:44 GMT
cache-control: public, max-age=31536000
age: 157695
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash f459fb7a2b63ee8fe069cc3ca2c30698
e229ec279571252d7f81dcb566ab8cada94fb740
426dbbb9f13c51b087d16370185342a6b4ada10c2a89b7418b37963cf555adc6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 07 Mar 2023 20:36:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
biancogroup.co.uk/wp-content/themes/avant/js/caroufredsel/jquery.carouFredSel-6.2.1-packed.js?ver=10.4.9
131.153.19.250 404 Not Found 12 kB URL HTTP/2 biancogroup.co.uk/wp-content/themes/avant/js/caroufredsel/jquery.carouFredSel-6.2.1-packed.js?ver=10.4.9
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash f5961cdf7a63014636ff14b54d0894fd
aa065270386015ce6fd1ef05fd8105993ced21ad
b4116f70266ce44aab2c3063fd3d917edb2db3769cbb097f85bfc1ed277d875e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/avant/js/caroufredsel/jquery.carouFredSel-6.2.1-packed.js?ver=10.4.9 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://biancogroup.co.uk/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: br
content-length: 11985
content-type: text/html; charset=UTF-8
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Parisienne&ver=10.4.9
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Parisienne&ver=10.4.9
IP 142.250.74.106:0
GET /css?family=Parisienne&ver=10.4.9 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 20:36:58 GMT
date: Tue, 07 Mar 2023 20:36:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.3
131.153.19.250 200 OK 0 B URL HTTP/2 biancogroup.co.uk/wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.3
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/ultimate-member/assets/js/pickadate/picker.time.js?ver=2.5.3 HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Dec 2022 09:02:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-length: 8706
content-type: application/javascript
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C
IP 142.250.74.106:0
GET /css?family=Ubuntu%3Aregular%2Citalic%2C700%26subset%3Dlatin%2C HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 20:36:58 GMT
date: Tue, 07 Mar 2023 20:36:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Abel%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i&ver=1.0.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Abel%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i&ver=1.0.1
IP 142.250.74.106:0
GET /css?family=Abel%7COpen+Sans%3A300%2C300i%2C400%2C400i%2C700%2C700i&ver=1.0.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 07 Mar 2023 20:36:58 GMT
date: Tue, 07 Mar 2023 20:36:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/10/HO02_Rotanti-300x300.png
131.153.19.250 200 OK 0 B URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/10/HO02_Rotanti-300x300.png
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
GET /wp-content/uploads/2018/10/HO02_Rotanti-300x300.png HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:32:18 GMT
accept-ranges: bytes
content-length: 86612
content-type: image/png
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2
biancogroup.co.uk/wp-content/uploads/2018/10/pizzarella_banco_800-554bd3a1-300x300.png
131.153.19.250 200 OK 0 B URL HTTP/2 biancogroup.co.uk/wp-content/uploads/2018/10/pizzarella_banco_800-554bd3a1-300x300.png
IP 131.153.19.250:0
ASN #60558 Phoenix Nap, LLC.
GET /wp-content/uploads/2018/10/pizzarella_banco_800-554bd3a1-300x300.png HTTP/1.1
Host: biancogroup.co.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://biancogroup.co.uk/
Cookie: PHPSESSID=d6483f9928af34d938a022b78c35ada1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 17:31:27 GMT
accept-ranges: bytes
content-length: 39150
content-type: image/png
date: Tue, 07 Mar 2023 20:36:58 GMT
server: Apache
X-Firefox-Spdy: h2