edmunion.eu/
77.240.112.203 301 Moved Permanently 162 B IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: http://www.edmunion.eu/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b7be8442ec1e518ccc80739495f6d047
7a9d24b9d4046262c7753c49afaf9c19f4840626
b93410a9d62da3f219796d753b61a0f730cc272c13596724aa9d20efba298b44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5608
Expires: Fri, 04 Nov 2022 22:15:49 GMT
Date: Fri, 04 Nov 2022 20:42:21 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=138503
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:10:44 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=138503
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:10:44 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9718
Expires: Fri, 04 Nov 2022 23:24:19 GMT
Date: Fri, 04 Nov 2022 20:42:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cPN02Ux7I16fmzILN21UChAT+u1FvNe/j9CO2pFvCtXF9GKzQpm3fFLJTsTx+7ISAhg7oHm76MM=
x-amz-request-id: DS5SWMH4WHBPYBN1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 19:46:54 GMT
age: 3327
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 20:42:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.edmunion.eu/
77.240.112.203 200 OK 46 kB IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 1d2e19bb632f7021564086e7cb83dc76
febb7103fba547542650f4fbcad36d1c9370c27e
ed09ef38fcc74089a6b668f1d5a4eff741eaeacd4ab7c29d88d6ad20844469e8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 46334
Connection: keep-alive
X-Pingback: http://www.edmunion.eu/xmlrpc.php
Link: <http://www.edmunion.eu/index.php?rest_route=/>; rel="https://api.w.org/", <http://www.edmunion.eu/index.php?rest_route=/wp/v2/pages/2>; rel="alternate"; type="application/json", <http://www.edmunion.eu/>; rel=shortlink
X-Powered-By: PHP/7.4.32, PleskLin
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edmunion.eu/wp-includes/js/wp-emoji-release.min.js?ver=6.1
77.240.112.203 200 OK 19 kB URL HTTP/1.1 www.edmunion.eu/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: application/javascript
Content-Length: 18617
Last-Modified: Wed, 25 May 2022 00:45:28 GMT
Connection: keep-alive
ETag: "628d7c28-48b9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.css?ver=6.1
77.240.112.203 200 OK 3.3 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (3288), with CRLF line terminators
Hash a89216bdb476bff1f1e4096bab4df235
a0651cb4bf0af858c55f5564360584d8af19978e
3a37f82bdd6c846240ab0762b6fbda3d5b4baa60dbef3287792b00bb9fe8e7c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/lity/lity.min.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 3349
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-d15"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/css/jquery.circliful.css?ver=6.1
77.240.112.203 200 OK 886 B URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/css/jquery.circliful.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash b4a6416d3ee6a9e5685066fa0d4a733f
4bb15d611533596e602ab5e2bbea18393f70e510
c600045104a8b512eaa59d1f3ef5fae13b712899d7d82eb93a9ba6b5ae160767
GET /wp-content/themes/denorious/css/jquery.circliful.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 886
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
ETag: "376-56695f8083140"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.edmunion.eu/wp-content/themes/denorious/css/new-style.css?ver=6.1
77.240.112.203 200 OK 8.7 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/css/new-style.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash 326883fa2b5eb5684897076e2d028b53
7f323d0bc6c7812310b129618764b47c5d1dd3df
a67d285847fc3b8f704e29629bffb72ceeec9adc59b74855025deec41de77d0c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/css/new-style.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 8746
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-222a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-includes/css/classic-themes.min.css?ver=1
77.240.112.203 200 OK 217 B URL HTTP/1.1 www.edmunion.eu/wp-includes/css/classic-themes.min.css?ver=1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
ETag: "d9-5ec72fdfd3c03"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.edmunion.eu/wp-content/themes/denorious/css/slick.min.css?ver=6.1
77.240.112.203 200 OK 1.3 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/css/slick.min.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (1290), with no line terminators
Hash 19d947f5a564794121cba0e962520b68
41e81b392d26a4aaaf9fda074d1ed2d802f2d6a8
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/css/slick.min.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 1290
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-50a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/font-awesome/css/font-awesome.min.css?ver=6.1
77.240.112.203 200 OK 22 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/font-awesome/css/font-awesome.min.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (21880), with CRLF line terminators
Hash 3aae6eb815f965c9bfc0f583fcfae4e8
9f78b698a990bb613395b8fab62f798f271c87be
71dd9e4d26b8f059c03e489be1f506177affa87c91cb5150657a423739a9fa7e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/font-awesome/css/font-awesome.min.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 22096
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-5650"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/slick/slick.css?ver=6.1
77.240.112.203 200 OK 1.7 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/slick/slick.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
Hash 13b1b6672b8cfb0d9ae7f899f1c42875
6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
GET /wp-content/plugins/bold-page-builder/slick/slick.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 1729
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-6c1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-includes/css/dist/block-library/style.min.css?ver=6.1
77.240.112.203 200 OK 95 kB URL HTTP/1.1 www.edmunion.eu/wp-includes/css/dist/block-library/style.min.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (47826)
Hash 4cdcd4a2c77fccb74825eaf2d6733091
00d4ad404f681af9044bb4cc6ed5e2e9f641cc4a
187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 94821
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
Connection: keep-alive
ETag: "6361cbab-17265"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5722
Cache-Control: max-age=133188
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:42:09 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/dummy.css?ver=6.1
77.240.112.203 200 OK 0 B URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/dummy.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
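Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of empty input)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of empty input)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of empty input)
Analyzer Verdict Alert fortinet Malware (the body is 0 bytes and the hashes above are the empty-input digests, so this verdict cannot come from file content; presumably it is URL- or host-based, and these hashes are not usable as indicators)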
GET /wp-content/plugins/bold-page-builder/css/front_end/dummy.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
ETag: "0-57d046ddb8f00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash a2f6c296003d839bdee766ef4082e376
013ae64b10cb1355ae9b6ba38dcfa79f71a9b505
703d6582ab3344d6e4a0d5b7e0c9983b8f7e8179d73dd6584c37bbccc8c84308
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edmunion.eu/wp-content/themes/denorious/style.css?ver=6.1
77.240.112.203 200 OK 169 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/style.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
Size 169 kB (169350 bytes)
Hash 503d50f5679c93078a55699b93bf125f
9a3170804c495ddd24fa1e0771c00c7dac9a6e03
222ba21e54eb3c1e2a7ba146d4141558468a53eaf3a9f0bffbef6aa20fede378
GET /wp-content/themes/denorious/style.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 169350
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-29586"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/css/bootstrap.min.css?ver=6.1
77.240.112.203 200 OK 121 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/css/bootstrap.min.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (65367), with CRLF line terminators
Size 121 kB (121205 bytes)
Hash 5057f321f0dc85cd8da94a0c5f67a8f4
224c9f9ad11b495358aa61dbd53e838e9b61015b
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
GET /wp-content/themes/denorious/css/bootstrap.min.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 121205
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-1d975"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
77.240.112.203 200 OK 11 kB URL HTTP/1.1 www.edmunion.eu/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 11224
Last-Modified: Wed, 09 Dec 2020 01:46:07 GMT
Connection: keep-alive
ETag: "5fd02c5f-2bd8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=6.1
77.240.112.203 200 OK 170 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (375)
Size 170 kB (169715 bytes)
Hash 01b9ed8361ac110e6380291ff10c49bb
4714494963a3f570e8b3aa421dc1fdcacda61686
ac1649da8b6b8af80052e155bc6c541f856ebc5518dd821917cb9d2af185fbeb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Type: text/css
Content-Length: 169715
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-296f3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=6.1
77.240.112.203 200 OK 20 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (20087)
Hash ba6cf724c8bb1cf5b084e79ff230626e
f455c5f153f872e52265f87a644ff89fe14a6fb6
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 20216
Last-Modified: Sat, 15 Dec 2018 00:14:21 GMT
Connection: keep-alive
ETag: "5c14475d-4ef8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=1
77.240.112.203 200 OK 11 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash 48cbee507f3dae11bf77ee121773de1f
d98267a8425d20f7b4c26c0cb4ad12923331c7f7
950c96741e3d568a9fdfef3d404c191b866f9886343e80157f231a76c38c0f6e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 11449
Last-Modified: Sat, 15 Dec 2018 00:14:21 GMT
Connection: keep-alive
ETag: "5c14475d-2cb9"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=6.1
77.240.112.203 200 OK 42 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (32076)
Hash b53bdfc29e18f4d493d775a8023fbdc8
e9fcbcc4fa70cba093b81d982a1b78509414cef7
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
GET /wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 41953
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-a3e1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/plugins/bold-page-builder/script_fe.js?ver=1
77.240.112.203 200 OK 1.5 kB URL HTTP/1.1 www.edmunion.eu/wp-content/plugins/bold-page-builder/script_fe.js?ver=1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash 64e162bfa1349e3af675c362d13a434d
cf8f729189bf60aa78a4343156af15b17ca95376
e9a06715f6f1880744b7f342c069c20b7e1f4748353661fe258a90e36cf6b03e
GET /wp-content/plugins/bold-page-builder/script_fe.js?ver=1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 1515
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-5eb"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/bootstrap.min.js?ver=1.0.0
77.240.112.203 200 OK 37 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/bootstrap.min.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (32033), with CRLF line terminators
Hash 04c84852e9937b142ac73c285b895b85
8fb8a9319055253d085edfc3bb72d20f614ec709
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/bootstrap.min.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 37051
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-90bb"
X-Powered-By: PleskLin
Accept-Ranges: bytes
push.services.mozilla.com/
52.42.234.253 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.234.253:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9c5Goaj+fCkDzgxDlVkXSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eiztnprtsCl08kwIb6Vti1HJq/k=
www.edmunion.eu/wp-content/themes/denorious/js/jquery.circliful.min.js?ver=1.0.0
77.240.112.203 200 OK 7.5 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/jquery.circliful.min.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (7473), with no line terminators
Hash 0015194159d744b4e38956ac30824a42
eac31a82b15ac4208b9c78c95c13e77f4583faae
74da2b4001c15b8f46a26988c47632845d06706e46388fc3d08b99ec3797d63f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/jquery.circliful.min.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 7473
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-1d31"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/isotope.pkgd.js?ver=1.0.0
77.240.112.203 200 OK 36 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/isotope.pkgd.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (32003), with CRLF line terminators
Hash d5e00cf73d518ca8d72c253c51e6014a
409130ec6321c17ebf6743f6ae0816e5ddda7235
7fe76fc5d85d4e5b0b7d32c7c9ff88a3f6556342efa6d29d701344ffc76afadd
GET /wp-content/themes/denorious/js/isotope.pkgd.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 35631
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-8b2f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/jquery.downCount.js?ver=1.0.0
77.240.112.203 200 OK 3.9 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/jquery.downCount.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash a9d6fbb86150e591450bffc00f4495ec
a96d906cce8c4f5ab70cf3db5b406ae45749a0ab
03346673b82670f1cb0a3b4752ec028eb4f824789a23ea09f0052ed019bd27f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/jquery.downCount.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 3912
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-f48"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
77.240.112.203 200 OK 90 kB URL HTTP/1.1 www.edmunion.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 89684
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
Connection: keep-alive
ETag: "6361cbab-15e54"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.js?ver=1.0.0
77.240.112.203 200 OK 6.3 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (6182), with CRLF line terminators
Hash 94b383e7c707143030616886285cfb9d
0e83bc0de47df518e8ba555cb1ac25679d87a58a
6648f671f84f72381200422772ca242a920e4a73aa82bbb16427f431ed697a57
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/lity/lity.min.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 6300
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-189c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/jflickrfeed.min.js?ver=1.0.0
77.240.112.203 200 OK 1.7 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/jflickrfeed.min.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (425), with CRLF line terminators
Hash edddf66884fe1a84ed2bfadf5de6b61c
cd8b2cdc1137045fd67fdd1cf3cad81e2752b717
7331e568d44900f570f233a6cc0022a6a8f272f6fdabcae6ddc2092fe1c00c1a
GET /wp-content/themes/denorious/js/jflickrfeed.min.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 1731
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-6c3"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/denorious-main.js?ver=1.0.0
77.240.112.203 200 OK 24 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/denorious-main.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (361), with CRLF line terminators
Hash 46764122abcc49de21642b9ce7c9a2bc
de1598419d1fb144127a6cd515361e8f2a862879
7446f8cb6fa7fe4057c203d756f674a770a44fdcb35ae10cb3339dccdb5abe0b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/denorious-main.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 24287
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-5edf"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-includes/js/comment-reply.min.js?ver=6.1
77.240.112.203 200 OK 3.0 kB URL HTTP/1.1 www.edmunion.eu/wp-includes/js/comment-reply.min.js?ver=6.1
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with very long lines (2946)
Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2
db36a77f6aaa2063bfbec02c2c0e967438c5a245
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 2981
Last-Modified: Wed, 25 May 2022 00:45:28 GMT
Connection: keep-alive
ETag: "628d7c28-ba5"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/themes/denorious/js/scrolltotop/totop.js?ver=1.0.0
77.240.112.203 200 OK 350 B URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/js/scrolltotop/totop.js?ver=1.0.0
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type ASCII text, with CRLF line terminators
Hash fef49f0a44ef1fc44ab88f0886477c3d
06f0634ca101345a00d031eb030d9e9a0388a510
4beea5ce78bf433084986f1f0e276befbaf2369a177916fce61e11a582af0716
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/denorious/js/scrolltotop/totop.js?ver=1.0.0 HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: application/javascript
Content-Length: 350
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
ETag: "15e-56695f8083140"
Accept-Ranges: bytes
X-Powered-By: PleskLin
www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-1.png
77.240.112.203 200 OK 5.0 kB URL HTTP/1.1 www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-1.png
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type PNG image data, 110 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fdfa151fcbd7ed32131ebf1287f60fc
db840bf8bc9b2747d2e0df31ed481365f01b6c07
729aff3358b158a6d81654923d6e010e5f88c104bdd81763ce74f636896b2657
GET /wp-content/uploads/2018/03/cropped-logo-1.png HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: image/png
Content-Length: 4976
Last-Modified: Sun, 04 Mar 2018 13:16:07 GMT
Connection: keep-alive
ETag: "5a9bf197-1370"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.edmunion.eu/wp-content/themes/denorious/images/header.jpg
77.240.112.203 200 OK 30 kB URL HTTP/1.1 www.edmunion.eu/wp-content/themes/denorious/images/header.jpg
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x222, components 3\012- data
Hash 625775bf96b47aa5d45407db753c9b6f
007af18195eb5571dfd7291c15306444979bd659
0f611266e12d9b6a92bbbbe0060b02cf00b74078973618c4ace72bbcf95c16fc
GET /wp-content/themes/denorious/images/header.jpg HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: image/jpeg
Content-Length: 30041
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-7559"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e6b45bbbe78e22b2f16f6820573c50c9
47ec379cd42511b5a7f5d02c8f4df8a5613a2927
83fe5b11088985d78e51cb2e1457525f91c9bbf9c42eca17d19a6cfff734147a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83FE5B11088985D78E51CB2E1457525F91C9BBF9C42ECA17D19A6CFFF734147A"
Last-Modified: Fri, 04 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 05 Nov 2022 02:42:22 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 100924
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
216.58.207.195 200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Hash 6dea752293556883fdae057d588b0bb1
e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 17:03:31 GMT
expires: Fri, 03 Nov 2023 17:03:31 GMT
cache-control: public, max-age=31536000
age: 99531
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 21:48:50 GMT
expires: Thu, 02 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 168812
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adsnet.work/scripts/placer.js
193.3.19.36 200 OK 377 B URL HTTP/1.1 adsnet.work/scripts/placer.js
IP 193.3.19.36:0
ASN #50340 OOO Network of data-centers Selectel
Hash 4435b6168b6acda2edea1c16ab2d857a
eff2c42517e44a568b5011125b5cba022f27f67f
dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569
Analyzer Verdict Alert fortinet Malware
GET /scripts/placer.js HTTP/1.1
Host: adsnet.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 20:42:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-32x32.png
77.240.112.203 200 OK 1.7 kB URL HTTP/1.1 www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-32x32.png
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 788986c804d445568b96be4b71820091
fed718b9e66802553c7899b3583ae1113d957eb0
51db5276a3d5864bf2beb7bf7b24fc13b8cf204ce330196f419f0b74a268cfa7
GET /wp-content/uploads/2018/03/cropped-logo-32x32.png HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: image/png
Content-Length: 1681
Last-Modified: Sat, 03 Mar 2018 16:39:51 GMT
Connection: keep-alive
ETag: "5a9acfd7-691"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-192x192.png
77.240.112.203 200 OK 19 kB URL HTTP/1.1 www.edmunion.eu/wp-content/uploads/2018/03/cropped-logo-192x192.png
IP 77.240.112.203:0
ASN #16371 acens Technologies, S.L.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6aa4847324d12a67dc4bb794f4a93c50
0e15294f75e1ef538c34a5ab3ec82f11976cc921
b457d86b3b74e45e53bbe488fb69961c3664383cbb65ad694fe9b2985c7703ca
GET /wp-content/uploads/2018/03/cropped-logo-192x192.png HTTP/1.1
Host: www.edmunion.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Type: image/png
Content-Length: 18794
Last-Modified: Sat, 03 Mar 2018 16:39:51 GMT
Connection: keep-alive
ETag: "5a9acfd7-496a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a631333-54a4-458c-b54b-2dd96d4ede5a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a631333-54a4-458c-b54b-2dd96d4ede5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5aedde5b1d003651d773c89833460868
29ca25963b777fd7463c65d8cde6d65172c996e1
04b95b954d7d992e6547d05d052c6f3f8a4cfb4a5988f9e6c6629969053bf7b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a631333-54a4-458c-b54b-2dd96d4ede5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11188
x-amzn-requestid: 72e0a128-e0c4-4a93-8e29-01a574b2d1c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0XNHPcoAMFkNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364342d-341a40d37b7bcc9153749d67;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eo3FBGjoivBN1-4xP1UiTocKbLd87acRtOX2AQrPr1a4yDboDrXYRA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:38 GMT
age: 82124
etag: "29ca25963b777fd7463c65d8cde6d65172c996e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a763d44e05fa357713a41ab1388974a
d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd
f351b7e90e5435af071892b62af3ac591bc553281b3ea63b1ae067a3d03f572d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7703
x-amzn-requestid: 4f835957-6df6-4001-9c34-ed9749000b46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RpFGwoAMF0-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-3f7b7dd36cb07d057b64ec2f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DknsakNef7SUQhERTPiLozTDA4tl1OEdE8ohicMEfVGvwaLwPX8d_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:49 GMT
age: 82053
etag: "d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c472942cb4b85610a3e83edf7527f923
8191eb019b21bed2b9f53c755e1c24d08dc70760
0dc7f9902567b0130c1c34b6e356b8239f8e6c83e1d38ac9b74588270000279c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10810
x-amzn-requestid: 85c9096f-2671-4f0e-94a3-607254d036d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC057E5yIAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364350c-3c93b6e56e6141a63d1285eb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: i3Kso77aQ6Qt3z3KH189niLwWzWFJz7Y0aMQngNRahdqlMAo76WksQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:42 GMT
age: 82180
etag: "8191eb019b21bed2b9f53c755e1c24d08dc70760"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca6c7517d7015fbc35fa290c1c2d6afd
594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OI-hzSDTy-vFSFOZxI98XT8VZmnpFlU_cobzCTkrn4T5NuH8cqybMg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:32 GMT
age: 82190
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 8436166b-f342-44e9-9a31-e25dcaa7b85c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2gEOEYRIAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f46e7-0616a6b95503fffd4f597509;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:54:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: g3OtcJnT2JfzIAvUjoLvC8pOzfwGFQ-M0cH4uwNSVcr2T9jYgCihTw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 23:36:56 GMT
age: 75926
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae1ac87f2e6534322ba259d6e06fcaa5
c721a00ae618e6ed997e102fa3d977ef830cac05
2f4cab8b925f6a79ed96b08edc00f04186d33ed9cfd4ba565884a931e83ae408
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7601
x-amzn-requestid: bec1a71e-c5bd-4332-ac60-18b49304a5a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a275aEHYoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f736f-1b36c60a43415790430fbecf;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:04:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MORvkZWLXGvSFYxjnSiYJluJY302y_FTvACRUrEvo7vLYkheyEcE1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 07:18:27 GMT
age: 48235
etag: "c721a00ae618e6ed997e102fa3d977ef830cac05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cDovL3d3dy5lZG11bmlvbi5ldS8=
193.3.19.36 200 OK 0 B URL HTTP/1.1 hydrahydra.kim/fetch.php?tracker=adsnet.work&site=aHR0cDovL3d3dy5lZG11bmlvbi5ldS8=
IP 193.3.19.36:0
ASN #50340 OOO Network of data-centers Selectel
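Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of the empty 0 B body)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1 of the empty 0 B body)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256 of the empty 0 B body; matches any zero-length content, so not a usable file indicator)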
GET /fetch.php?tracker=adsnet.work&site=aHR0cDovL3d3dy5lZG11bmlvbi5ldS8= HTTP/1.1
Host: hydrahydra.kim
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 20:42:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
34.120.237.76 200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e2c2868516a60c335361ccef89c6090
b71b29860aca017ac124fb4037cec5dc3101474e
3ac5d5410a9d31317c2f31fe3e08cdb188e26bfffce5275b85cce986f2841d22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3559
x-amzn-requestid: 63f00dbe-834f-4fbb-91c0-5e5378dc48aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0SvEOaIAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643411-43380b3457de631756afdb81;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hit7lhSIgTngtNcj0qlMHVtdtjSdfA6-lP8QBAyhVJfqyS-PaMHNkw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 22:00:51 GMT
etag: "b71b29860aca017ac124fb4037cec5dc3101474e"
content-type: image/jpeg
age: 81698
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Arimo%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Arimo%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Arimo%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A100%2C200%2C300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Montserrat%3A100%2C200%2C300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext
IP 142.250.74.10:0
GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2