Report - zenitdent.com/ceum/index.php?APETMRO=6

Report Overview

Submitted URL
zenitdent.com/ceum/index.php?APETMRO=6
IP
172.67.208.164
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-19 08:48:35
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
36

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	52.35.190.173
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	52 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	413 B	21 kB	142.250.74.110
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	707 B	560 B	216.239.32.36
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	676 B	1.5 kB	23.33.119.27
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	795 B	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.1 kB	4.2 kB	142.250.74.131
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.1 kB	28 kB	142.250.74.35
zenitdent.com	unknown	2022-10-26T13:55:14Z	2023-03-02T23:20:30Z	16 kB	1.4 MB	104.21.93.97
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.7 kB	7.1 kB	95.101.11.115
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	426 B	44 kB	142.250.74.168

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-19	medium	zenitdent.com/ceum/index.php?APETMRO=6	Malware
2022-12-19	medium	zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff	Malware
2022-12-19	medium	zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6	Malware
2022-12-19	medium	zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6	Malware
2022-12-19	medium	zenitdent.com/wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff	Malware
2022-12-19	medium	zenitdent.com/ceum/?APETMRO=6	Malware
2022-12-19	medium	zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2	Malware
2022-12-19	medium	zenitdent.com/wp-includes/js/jquery/jquery.min.js	Malware
2022-12-19	medium	zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	Malware
2022-12-19	medium	zenitdent.com/wp-content/uploads/2022/10/zenitdent.webp	Malware
2022-12-19	medium	zenitdent.com/wp-content/uploads/2022/10/cagri-merkezi-1.webp	Malware
2022-12-19	medium	zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	Malware
2022-12-19	medium	zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp	Malware
2022-12-19	medium	zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp	Malware
2022-12-19	medium	zenitdent.com/ceum/index.php?APETMRO=6	Malware
2022-12-19	medium	zenitdent.com/ceum/?APETMRO=6	Malware
2022-12-19	medium	zenitdent.com/wp-includes/js/jquery/jquery.min.js	Malware
2022-12-19	medium	zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	http:https://zenitdent.com/19ef622e-5b87-4698-b669-fe0d7f20fe96	2.3 kB	2023-03-09	2023-03-09
Pretty URL http:https://zenitdent.com/19ef622e-5b87-4698-b669-fe0d7f20fe96 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash b7b82da6fc966999d09adae252f0872f 0d07f78ecaf85eeb83193caa97d4c22f2858c91a cf9d9318c36ce70a0d0fb8289831b9fd52079842bffc1aa1140d79a17b63bb3f Loading...

	http:https://zenitdent.com/06d9ffff-f35a-46c1-bc71-66a2a0fefba4	214 B	2023-03-09	2023-11-17
Pretty URL http:https://zenitdent.com/06d9ffff-f35a-46c1-bc71-66a2a0fefba4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-11-17 13:07:05 Times Seen2 Hash a8692739fbd07d802e77c1c52b7ef930 60f4ad83b46aa60bab6e20dee218bc1972e3f41f bfbc9c489b62acb91f5bba430143043256ecf8d086f783af4dba320feee4b204 Loading...

	www.googletagmanager.com/gtag/js?id=G-KTKHDTN9XH&l=dataLayer&cx=c	182 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-KTKHDTN9XH&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash 130f22119a9fa5bb044837053ba4ceac 94af836ceb8e9c284280952c8cd73ddb9641b50d fcb2307eb405538ae035f367b255ad38b06b59c2c8bdf5f825abb10b62608676 Loading...

	zenitdent.com/ceum/?APETMRO=6	1.7 kB	2023-03-07	2024-04-14
Pretty URL zenitdent.com/ceum/?APETMRO=6 IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen431 Hash a0fe609408d246ad7b8e4b97cf257299 e506fb7cf42b400080ab195e688bb6e5c1a9d265 9fa087232ef1e1c40fd5e8eb188ae899fd7b5d00d4adcd1f5e8e48148b972304 Loading...

	http:https://zenitdent.com/f06e7e9d-6df8-4bab-bf96-e83cd2bf956f	87 B	2023-03-09	2023-08-17
Pretty URL http:https://zenitdent.com/f06e7e9d-6df8-4bab-bf96-e83cd2bf956f IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-08-17 23:43:24 Times Seen5 Hash b79ae0e2f08557bd77fc4e4f25c55f6d cfe9123b87210afc4c9d29072adda7ad146784c0 5286263f06c968005759a55918ef1f9e3ad03384d16a9df94dd8a032990bb496 Loading...

	zenitdent.com/wp-includes/js/jquery/jquery.min.js	90 kB	2023-03-08	2024-04-18
Pretty URL zenitdent.com/wp-includes/js/jquery/jquery.min.js IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen31778 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	www.googletagmanager.com/gtag/js?id=UA-248919276-3	112 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-248919276-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash bdf529be19954b201b19b55a3f864282 bc2a39f8c65f0bbc1db3d7fc81023909fecd8c7a 3222ca096f1e6ec8d006fa1b3a6c931e6b6fa7810deb17c8ffbac7b567ef78d5 Loading...

	http:https://zenitdent.com/1f4ecac5-65e1-4160-91e7-82415d2f36fe	286 B	2023-03-09	2023-03-09
Pretty URL http:https://zenitdent.com/1f4ecac5-65e1-4160-91e7-82415d2f36fe IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash adc474510301cff4ceb8f324bac32d3a 51fb5af849bb8d7dc26e988fdd74c791682dc513 cbdd545cb06b7e5f46226c56aaf6c931528b0652570e32155cdcc45bcea6ff88 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 04:51:57 Times Seen36952284 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-KTKHDTN9XH&l=dataLayer&cx=c	182 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-KTKHDTN9XH&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash df2c48729bf21a5b1b03709ac187a0a9 9e0afb88fb1285589f41f04d207ed69cb311c9ed a0754b4e8414d0cb6b54557efe85c5edb673b83dca1e55880f1ecd443201624b Loading...

	zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js	1.4 kB	2023-03-08	2024-04-18
Pretty URL zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:19:44 Last Seen2024-04-18 22:13:38 Times Seen126 Hash eb2d0b78a2266fb1938dec579468e576 7fba4940f010c1798f5801c39493e174f32ac0cf ec7b4acd1e357f9d6e7e59a5c578ae28134666feba72777d95b19305fc792c41 Loading...

	zenitdent.com/ceum/?APETMRO=6	215 B	2023-03-07	2024-04-18
Pretty URL zenitdent.com/ceum/?APETMRO=6 IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 11:22:37 Times Seen1874 Hash dc0923c33f2f758c84c52fbb61c834a3 b058be2d1733bff3d424d94ace699f13151e3df7 d37ef4938c8ae1d3621058c0b807b594bdff045977dab405590883e514289ac3 Loading...

	http:https://zenitdent.com/5278f958-8fe0-4e7d-92bb-1071c7455034	1.7 kB	2023-03-08	2024-03-30
Pretty URL http:https://zenitdent.com/5278f958-8fe0-4e7d-92bb-1071c7455034 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:44 Last Seen2024-03-30 19:37:50 Times Seen96 Hash c74979d010b810ed4df0acccb709cc39 7596d4f5449d691c8b569e4fa8520135ea9dbd4f 3133b9ca5ad1458597f186e64629a4fc15831cb6952d8a549b9d01edaba65fa6 Loading...

	http:https://zenitdent.com/a4af0b6f-34ca-4dbd-91aa-97a8b408e0c8	282 B	2023-03-08	2023-08-21
Pretty URL http:https://zenitdent.com/a4af0b6f-34ca-4dbd-91aa-97a8b408e0c8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 21:58:44 Last Seen2023-08-21 19:56:52 Times Seen27 Hash c95a0736ae7a44fe5c8eccc82d4d79d1 48604df4ed289f5193c8ee013456b90b16d56390 75fb3c167408f32daa29052ffd3ca70d66634e14dd94de7a0e338f7698bfafbd Loading...

	http:https://zenitdent.com/30321e34-ece1-4679-a72f-20fc15b96fa8	104 B	2023-03-09	2023-03-09
Pretty URL http:https://zenitdent.com/30321e34-ece1-4679-a72f-20fc15b96fa8 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash f92719cce78dc6f8784d8d93dd81ff57 b742803da580de410b7026feea1c242dd37dcd67 e03df745ee63ae5d6476157bd5092f3fe0094ba0b7ca9f8b9adcfcedaa110890 Loading...

	zenitdent.com/ceum/?APETMRO=6	408 B	2023-03-07	2024-04-14
Pretty URL zenitdent.com/ceum/?APETMRO=6 IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-14 16:04:21 Times Seen332 Hash d3fb31fc4a0b37980210c57f2698989d 82a161b3a63cf0d5a5b37e9eacdfaf298bcbb55b 45200934a32157fcedfec503f25c156ed7a19df9a9538269e7848ad8f1adc936 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-18
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-18 21:02:43 Times Seen1513 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js	3.3 kB	2023-03-07	2024-03-13
Pretty URL zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:37:21 Last Seen2024-03-13 21:06:51 Times Seen353 Hash 7dab9f3e542fbf75c97a894a6620a417 fe2a4fd0ea9a8696819e5f9cf70b4eb205c59ec2 c2e91fbd692b9551cdd4efee311b3ecb465c36d42813d5bcff10f9f8859b2cb2 Loading...

	www.googletagmanager.com/gtag/js?id=UA-248919276-3	112 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=UA-248919276-3 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash 14f9f8244fc8cf0a1fbdd4af5aaf2551 09c91f0886292c1213288f4d983bbc5ed49a8da6 fff058df80cd6e2e9a6eeada67fdd13bc3e43d3e61d07a7979b111f91ef7ff5e Loading...

	zenitdent.com/ceum/?APETMRO=6	8.3 kB	2023-03-07	2024-04-18
Pretty URL zenitdent.com/ceum/?APETMRO=6 IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-18 15:16:00 Times Seen2043 Hash eb78fac132e7cff1e4556b0ee5be04cf 8c0633f511df47c21639be83c719ae0e1ea26555 163c4d52fb653e1c2463e1a0e397faa297729ad6269b5205b915f3ed4b8b8d8b Loading...

	http:https://zenitdent.com/08bf3ea1-0fae-4bef-af9a-68c8d4ce8153	273 B	2023-03-09	2023-03-09
Pretty URL http:https://zenitdent.com/08bf3ea1-0fae-4bef-af9a-68c8d4ce8153 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash 80ed241a30ca708890edeccee05c4213 4096fc0edc587594e0ce1c9d6ab07b0cb102de7c 4201e3320207566897653b22a6637ad21765e3d046216a26e2fac0a53f5c6ae5 Loading...

	http:https://zenitdent.com/11e18337-8650-4e2f-a6e3-affb672e04c7	58 B	2023-03-07	2024-04-18
Pretty URL http:https://zenitdent.com/11e18337-8650-4e2f-a6e3-affb672e04c7 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09:28 Last Seen2024-04-18 15:16:00 Times Seen510 Hash 04a9b59b7e49f913a3926f6431334155 35f2521d3ab3f75895b02da9c6b5419e1a35be59 94c4eed60653e14337c021261a52581e9b6f93ae9ba512912ca30ce656b3ac64 Loading...

	http:https://zenitdent.com/f832e8d5-103a-46ec-a919-226ff9359d1b	1.1 kB	2023-03-09	2023-03-09
Pretty URL http:https://zenitdent.com/f832e8d5-103a-46ec-a919-226ff9359d1b IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 17:43:26 Last Seen2023-03-09 17:43:26 Times Seen1 Hash cadb9de8ec86eeb0f8fc4ef451381f4d 4abd79332c1524d2f46efe3b495f35ca1e28f644 a2865e40118ec248ec2be4d1009d162c873067c90ff4a7335d7390fb11088b8c Loading...

	zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0	11 kB	2023-03-07	2024-04-18
Pretty URL zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 IP 104.21.93.97 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-18 13:42:01 Times Seen5344 Hash 4eee50ac6f4f364ba3a284d0753ddae3 a8e7e824e6824ae0b370ff36e2c07ca07276fae0 b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe Loading...

HTTP Transactions (54)

URL IP Response Size

zenitdent.com/ceum/index.php?APETMRO=6

104.21.93.97

301 Moved Permanently

0 B

URL HTTP/1.1
zenitdent.com/ceum/index.php?APETMRO=6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ceum/index.php?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Dec 2022 08:48:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Dec 2022 09:48:23 GMT
Location: https://zenitdent.com/ceum/index.php?APETMRO=6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJaPwxZAEhE1gb7aBUNxpboDqjN75ZDcis4VAFejFvygB6f%2FaJDZoegmecXLawlp27H90Rx7bev5vNO9OSmNNHKVVKPpBbNGqhKTdssbjyW4N9sAPVIz6qOE8j2ZH49B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bee1010847b50b-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6234
Expires: Mon, 19 Dec 2022 10:32:17 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14865
Expires: Mon, 19 Dec 2022 12:56:08 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 08:34:22 GMT
content-type: application/json
age: 841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5055
Expires: Mon, 19 Dec 2022 10:12:38 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: bOl+EyFBHm82/mHg7wtTyMGAigVLFVeBdsWY0iweThcZ4B9owgOmEr0ARZdY1pjpSkjc9aZHZSU=
x-amz-request-id: 2RG4R9TQ1Q6SW6BT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 07:54:28 GMT
age: 3235
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:48:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
1b79e7f72666fce5afaba47a698a1bac
470a139e4ca36370a09ae1f8bde9abed9e811f5e
91f37a918de30b46e28e125ff750d587e120adbd7011a154e76525db9f35588f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91F37A918DE30B46E28E125FF750D587E120ADBD7011A154E76525DB9F35588F"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Mon, 19 Dec 2022 14:47:51 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 08:08:01 GMT
age: 2422
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 927
Cache-Control: max-age=88434
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:24 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 09:22:18 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

e1.o.lencr.org/

23.33.119.27

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
1b79e7f72666fce5afaba47a698a1bac
470a139e4ca36370a09ae1f8bde9abed9e811f5e
91f37a918de30b46e28e125ff750d587e120adbd7011a154e76525db9f35588f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91F37A918DE30B46E28E125FF750D587E120ADBD7011A154E76525DB9F35588F"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Mon, 19 Dec 2022 14:47:51 GMT
Date: Mon, 19 Dec 2022 08:48:24 GMT
Connection: keep-alive

push.services.mozilla.com/

52.35.190.173

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.190.173:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SiJyiH6wKkbCPUT8pKKgXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GSCKxaEm3+OaCNCoQrPLhx35k+0=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8722 bytes)
Hash
e0773ba795a9e9a70038c6d8c64ebfa2
3d1db768017331da152d0df6cf5bc6ea6c813b83
46c25962e3bad9785a77bd8f51021460bcf44e9907c725c38329b6dadf560a44

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8722
x-amzn-requestid: 88a7ab87-3bee-429d-9d3d-8969f6908c65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKGGkH2UIAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a5090-072ab9b341d4c00622492ee8;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 22:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lpuH1nfNTFrtEUzxSDBEtunOkPU7Y5cP5PSVlJQ43YkRBrRX4OukPg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:38:25 GMT
age: 40200
etag: "3d1db768017331da152d0df6cf5bc6ea6c813b83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9058 bytes)
Hash
e6c714628a486b8d09101fe1115b4a25
a859bec81457e5b3511fb7612b65bcd4be790f21
41586527c64614c69c2833d2eb9a0e5e03906388a39ae16443b45dd6885329af

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 30f541b7-557c-45c6-a639-596ec624d6b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJtzFJPIAMFaow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcbe-221f45c41cc4ac943f78ce6c;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f_sUIMBle-AT5Od_IJdlhNc1razIfG8LYIi1tEsIyWtMRBs063gjwQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:18:00 GMT
age: 5425
etag: "a859bec81457e5b3511fb7612b65bcd4be790f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12161 bytes)
Hash
71e9a308430eff340bb55c56b64fcc63
63d49b26322a1dca8ed669c1abafc27ee7f7c4b2
e3c8917124f2d13de6d1c0a1f1539f035abef31bbbf2246e77db44d9a3e29b61

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12161
x-amzn-requestid: 6ad8283c-3d3d-41f0-ada7-1b0d20568aa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dXIZIGZFIAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639f876d-0bc6f28d582f63b35a494472;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gJgluMuS-cEZnEk8LNtVJk02T883tD8OZJy4BftXFGhJ6tHeLGrcqw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:37:59 GMT
age: 40226
etag: "63d49b26322a1dca8ed669c1abafc27ee7f7c4b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5654 bytes)
Hash
8576327b06d5d8259e87bfeb71761ff5
2b2e5694e77b30f2e2cdfddd8ad616be214c9df2
377ffbcb85710900d97b1d99522a8087a6c66bcb778be42da806283cae833715

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5654
x-amzn-requestid: b9f6e88a-f07b-4c6c-b823-9b9e928274ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB8Eb5oAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-3c8888ca41c995d67a09fa50;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FaoiV9Jr3-1aqI-rVbXAYEMTsG_cjqVxmr0di-CbJaQBwIbb6BRg6A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:05:02 GMT
age: 9803
etag: "2b2e5694e77b30f2e2cdfddd8ad616be214c9df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4362 bytes)
Hash
43c9ed63c9760a5b3826550e59a96f43
912a87f2df4a93717a3817bb9c9bf0071b2fce7e
5e75e2e9bbc0d3e992f72257923c97ff8d037fcbf5ccf092e100ae26af2b2d89

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4362
x-amzn-requestid: e88d6aea-c8f7-45e5-9f10-07bc6efb4b9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dObYsEa1IAMFa_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c0c37-1f4852530ab1b5b73a088601;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:12:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QIK3QHtic45T4AGzPHbGnLqJ41ynolJ48u3_-xk_BJ75_OJbCXt2NQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:52:39 GMT
age: 39346
etag: "912a87f2df4a93717a3817bb9c9bf0071b2fce7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5710 bytes)
Hash
5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRZhQNysDphRjUTZ7bCgTbwlYYVWgXvMMmPJSv6RysKbK0bWOY1cpA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:53:55 GMT
age: 39270
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff

104.21.93.97

200 OK

90 kB

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 90060, version 331.-31261\012- data
Size
90 kB (90060 bytes)
Hash
099a9556e1a63ece24f8a99859c94c7d
5f8cab91347c553c1eb87f9b527f6bee8a28e40d
aff76e5c986f295d4bc6f8142a78e2a31888b101c2d025db89f79c75f64fd90b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:26 GMT
content-type: font/woff
content-length: 90060
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Sat, 10 Dec 2022 10:00:34 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7etzLvaFSbaQ0YS2jVQlI7oCIARSc4IcFH0UpO0F4nJ5whHTuMCNK%2FDPaXVOaa6sRX6waxURiDI6f6auq%2FinwG8igENO05sZxgicOPk7fD79iQkNNl%2FWm%2BqF9ovFKR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114dffab50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-248919276-3

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-248919276-3
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43636 bytes)
Hash
827edb0ebb514dbe6f468ceba71ca4f5
b27690d47507f241cd347887688e2c099d25f279
b4113a0ebaab5cc74f102d21773e91bbe04ea632cc206f7140b64f5cc9674e48

HTTP Headers

GET /gtag/js?id=UA-248919276-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Dec 2022 08:48:26 GMT
expires: Mon, 19 Dec 2022 08:48:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 19 Dec 2022 08:41:08 GMT
expires: Mon, 19 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 439
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-KTKHDTN9XH&gtm=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-KTKHDTN9XH&gtm=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-KTKHDTN9XH&gtm=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://zenitdent.com
date: Mon, 19 Dec 2022 08:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6

104.21.93.97

200 OK

457 kB

URL HTTP/2
zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (41476)
Size
457 kB (456574 bytes)
Hash
c894ce7bcb52465a73f169beb0b73662
1aca74571d9b0fa0fc4206e75168110a1ee4c35f
a075c553ff82495060e6178a3c48c46e608fbe59a370f16644cd480fba559733

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 15 Dec 2022 00:36:02 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DucgtHGnDnANCwkqSP%2Fvi3DLEZ12FJYuQgIsNWI6PCXNvULfcbvSgxJ1hW%2Fj%2Bk1PRwaAqqbo1HUm0lElowc8WdhNWKaULaeoLjeumrWcuudtgdaoC5Fbp1BpfzAnIlRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1175ab5b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6

104.21.93.97

200 OK

337 kB

URL HTTP/2
zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (41496)
Size
337 kB (337399 bytes)
Hash
b21cbf7dd3f3044679972ddca0537302
4478feb0a0fbe9137cafd6f23e4bf076904cad89
a2cb6936522d318055f65e136689d21a5687a90463dba875c5a8f550484cc4f5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1185888
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 15 Dec 2022 00:36:02 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EkKzgFFj9wKozpzrNSFeee5NsGGVT57CTtBAdf7Jb3mJ74UjCwv4G1QbwNBT1nHg2pIdb37cMZ6hzcZl%2FQNY%2Fn1g%2By38ZMoP4WlHHwjv2H8hKAS58CTiLHX5pZkw4OR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11d594fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff

104.21.93.97

200 OK

14 kB

URL HTTP/2
zenitdent.com/wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 14260, version 1.1\012- data
Size
14 kB (14260 bytes)
Hash
ec2f4fc2a525caa50d72c4b2dab4fce7
26a78790d5ee9f766fdeb01fa09c7402a3cdb573
47b779629625cd04fd24280dce272dd05b1f05cb51c4cd9ac59907c296697afb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: font/woff
content-length: 14260
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 27 Oct 2022 07:01:28 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhfD5Ux6Y%2FP9t56HVUDHdzLdbx9fKAgry6c1VTAuhA4LKMPTCSB%2Fj3PZPEfUb82XU0W4VHduXzexZxz6jknrAE%2FKFPRCah8eus4WQ9twOWg9yj23QHODO8rOjBY2QAnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e5a87b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/ceum/?APETMRO=6

104.21.93.97

404 Not Found

86 kB

URL HTTP/2
zenitdent.com/ceum/?APETMRO=6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10755)
Size
86 kB (86114 bytes)
Hash
5d2ea84546803bb34a9467352a79f3bf
b0821d0687895803385356df6008fe3b1b81aeca
7d3b13ea228e4ee891d655f5e8d6dbf0bb24d56ddaeede7f6d360ce69a392848

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ceum/?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zenitdent.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 7ab_HTTP.404,7ab_404,7ab_URL.326c9cc518b68c60f1f844db0948990a,7ab_,7ab_UCSS.3460e3d3096115163be76d02de205402,7ab_MIN.d4a7771d8223e4da1f3053ad09288e5b.css,7ab_MIN.a7a5977c535a5ac96302095e21cf3591.js
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLDxusgsusyQ9rgcKnlYzyOOmZeZOajrJdRD9S2pQqohz2%2Fh1IEgNRHyMPW6q3oPQgVPZBOSO1sEZwSy6rj90mSvHDpaplp%2Bm2vMxtdRlmynoAH4kG4jUpNNmh5jZtcH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114dff9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2

104.21.93.97

200 OK

77 kB

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Size
77 kB (76764 bytes)
Hash
f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: font/woff2
content-length: 76764
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Sat, 10 Dec 2022 10:00:34 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQYtPzeccuijA2Lyn%2BRHEW%2BqI0hunA3zGl8eo6ydnhW8AS2tpz2s2zfYT%2FWR8coRx5bsIZYb%2F4nPdLLa%2BPQ68yRfn8pUu16%2FDEt%2FhwtMYfDzpQnxUH1U8JvYMWqR8SY2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e6a94b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zenitdent.com/wp-includes/js/jquery/jquery.min.js

104.21.93.97

200 OK

48 kB

URL HTTP/2
zenitdent.com/wp-includes/js/jquery/jquery.min.js
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65447)
Size
48 kB (47893 bytes)
Hash
644e74d99f815a6204a64cab5c49a819
dfca4b7fe3d3cbc7193cb69736cbef52acaa4647
33f3e3919d1f850c02cdbbe2833b6e655fcf267979dec8a33c68f29fc83729a7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Wed, 02 Nov 2022 12:22:13 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6GW%2FYKq%2FEGGb3fFe77YshcIk9nbauGSOS6QeMTcu63qi2InnEcS6jQPauL0kkO%2F6TF%2Bpj%2Bx9p8SpXOiOV9gWQV2mnt%2BbG0aYclQUD%2FQkYXkZaIT4FnbpPkE9UK8azBS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11d1907b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js

104.21.93.97

200 OK

4.3 kB

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3262)
Size
4.3 kB (4275 bytes)
Hash
ef4f856319c2626b242b2ad005f6380d
b690390b8dd7260584f3e3442d07cf12d99674e2
027c4d46bdf3fa5022b8646771fd511f2be67d47e27494d7d7f8a0b827f85dc9

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Tue, 20 Sep 2022 14:03:00 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w7P1RsGlQcZE%2BOKOxshWUKMuhvnVk2imE5u6Rr9f6Es4HZrh5tCpt%2FR5PZe4DmPb9M%2F1iIYX0BB2fPAcFNmH4D%2Fryl2YfwEWBO%2BwOjUVv706JjiDYLDvYbFKvKTt0yY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b5f22b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Size
12 kB (11800 bytes)
Hash
e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 242116
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2

142.250.74.35

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14552, version 1.0\012- data
Size
15 kB (14552 bytes)
Hash
d8d78c8d074b3e3ee4232d269932f9a2
10f9e448571b8095b380bb2ea019cfc68fb27a9b
8a539799d12e3a144273288055490f57e1eee84da7a9145f085bc522e80719c3

HTTP Headers

GET /s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 22:27:03 GMT
expires: Wed, 13 Dec 2023 22:27:03 GMT
cache-control: public, max-age=31536000
age: 469285
last-modified: Tue, 26 Apr 2022 16:36:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

zenitdent.com/wp-content/uploads/2022/10/zenitdent.webp

104.21.93.97

200 OK

3.1 kB

URL HTTP/2
zenitdent.com/wp-content/uploads/2022/10/zenitdent.webp
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
3.1 kB (3068 bytes)
Hash
a307b453aac7ac9e8fb2718e77158965
0c71770d84e0af344046be0404be172b6f0d31f0
e0cb3624575a8deedd928fe0b05c1f36d71a1c867daea197ddc43dd32df8a43d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/10/zenitdent.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 3068
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Wed, 26 Oct 2022 12:25:01 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w%2BcXwskW65hDnQiafVac5JSK8aHd8RCezunfyzoPnZCDa8BMIAcpRZAub8nrcllT9kN%2BOsWLkL29tf4hOGOzvn1bZG2NTPvQe51Jd2XtgzUyMYtYP%2Fs%2Bk1slUzqQOGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e9ac0b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/uploads/2022/10/cagri-merkezi-1.webp

104.21.93.97

200 OK

88 kB

URL HTTP/2
zenitdent.com/wp-content/uploads/2022/10/cagri-merkezi-1.webp
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
88 kB (87978 bytes)
Hash
0c22f0e90d3e55167054a09d69ed6648
11c1962bc7af2ec5b5e2f3735b970ca630ac5049
797bef876c42ef71b55250d13f51b04d9a6adf9b690d4146055437ccb26e0c71

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/10/cagri-merkezi-1.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 87978
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Wed, 26 Oct 2022 14:31:40 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dq10664GmaUv9SFCLdanlMo8OYcHXnBXOwigznfgN8muVOA1F4apcpzwPx5i6DwPkTJhBgc%2Fu7wJqZ%2Fwg4wcHVypiWfObdr%2FNBHtY4Aqm6LUUwKqv0MT3WClCbNrcgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e9ac3b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

104.21.93.97

200 OK

82 kB

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (10544)
Size
82 kB (81709 bytes)
Hash
6612f906b8b38340f04732320bbd9991
0d55dfae4a2120537b688cee7762785fe2eea331
f8af1af3d6071fd1f1a2ec372c53f080f49f9a8741384f8e7db105f476859aa6

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:29 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bq6Mqgw%2BkCRsc3%2F8XvqhDqI8Lqh1oNuG%2B9%2BvMqvb6ZMZSSBVP1QE4xpCE9d79jed3JZXluQmuguCmyAWL3kMvn%2B7uzULDvreLw6Cxypvn9izCoxl%2BjtH2W7bEoqo%2BcZt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b4f13b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js

104.21.93.97

200 OK

80 kB

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3262)
Size
80 kB (80137 bytes)
Hash
7b28d671584003496d01399eb5cb5627
c6974955fc0b4db2d16b0cf6cd5a6137c7bafcdd
594a2e3f8a2b7bd7a7b34ad95ee5eeec33d03d4c40ae44e77af33ad038b3428a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Tue, 20 Sep 2022 14:03:00 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtTtM1uKmoRTO2Qpw5a87S0BnDqVJtTOOet%2B6FhX14qHK1l249nhmC%2BbZpUllKl0MnYFrSWzcWQhrW%2F93JDLnW21p7wz6CxPH2XU9ntNVqtqw3Ox8RywlR5sYdPBtX79"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1204d11b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b

104.21.93.97

200 OK

20 kB

URL HTTP/2
zenitdent.com/wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with no line terminators
Size
20 kB (20130 bytes)
Hash
5dd127614d0628f0743a5ea2d3f8ed46
8a867e335df1c9fb800a29627e0cef59382013ab
f2290c81a041121944422ac65da7da526a251cd80acd64685b2b0463eda314a1

HTTP Headers

GET /wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC80k0Yd%2FIItaoz5xQOPVCBRXVCyxihFfHut75ZpcMA6wK8CHyS%2BZuUWmwiDlXBKKxZSLSRiAoHZ%2BgMzGq8lU5H%2FaZz%2BNLVcQJy07szB6WvPAMn%2BvFGHsqPWILxwkDzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11fac4db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp

104.21.93.97

200 OK

26 kB

URL HTTP/2
zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
26 kB (25908 bytes)
Hash
e729b35d03e14cc6040e631a9478e792
933123f6b0d01ddd9149262305ad4b8a582ef9e9
3989629ec1fe378314ee103762dbc80b7483536692000062d7028d087181d8ac

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 25908
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:27 GMT
last-modified: Thu, 27 Oct 2022 06:12:50 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgL3MOz1Gwi%2F43rNcqhQdfVnhakRlpU7zwkUJVQrwm3FMDigJ4sHcaWl9wA24udDXNhDbSI6nhqZFjv%2FQUau5yxzTnBW7JfWgPm%2B1ZdV4%2F0XZ1ofZyS34tMDc%2BW9lSza"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1227862b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp

104.21.93.97

200 OK

9.5 kB

URL HTTP/2
zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.5 kB (9516 bytes)
Hash
c3f75f113ea12280ccfcae2652f0ca1b
391eff6bd0f9fbdd63b139bb59298e06d9d32567
b42dca1b32134a7814efad81204ac2116b0b011f86ffe2543f8e8d949158b25a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:29 GMT
content-type: image/webp
content-length: 9516
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:27 GMT
last-modified: Thu, 27 Oct 2022 06:12:51 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLEJBxgU7Q1Y09GclmCJRBGuYRgZdAcK0L1FhoDDieTLQy5empEwZ3MZK%2B%2FbQo3q7aBSZeYrvasB7FF1drmdkA3xhD%2FtPjD2ZL9j%2BJd2BltiAyMXvd%2FCSxxPKyRnOhKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1227866b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/ceum/index.php?APETMRO=6

104.21.93.97

301 Moved Permanently

0 B

URL HTTP/2
zenitdent.com/ceum/index.php?APETMRO=6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ceum/index.php?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
date: Mon, 19 Dec 2022 08:48:24 GMT
content-type: text/html; charset=UTF-8
location: https://zenitdent.com/ceum/?APETMRO=6
set-cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; path=/; secure; httponly; samesite=None
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-litespeed-cache: miss
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzVJvOXccFKivhow%2FTKax1ftFATRpg0v8HSOgA%2BDCc%2FJZp2jgOK23zcPyqVqPTLL3Nopor9b92Jq2Bhb6jQZUBRDmZz3wrETxKuTPgGfJNL6wXrmuJWdbANrp7ZsfqOx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee103cc13b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/ceum/?APETMRO=6

104.21.93.97

404 Not Found

0 B

URL HTTP/2
zenitdent.com/ceum/?APETMRO=6
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /ceum/?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 404 Not Found
date: Mon, 19 Dec 2022 08:48:25 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zenitdent.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 7ab_HTTP.404,7ab_404,7ab_URL.326c9cc518b68c60f1f844db0948990a,7ab_guest,7ab_,7ab_UCSS.7befda9636ba492231eff827c679fbce,7ab_MIN.d4a7771d8223e4da1f3053ad09288e5b.css,7ab_MIN.a7a5977c535a5ac96302095e21cf3591.js
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1hNr0XpInB1RpFZww6Khc5dnPZJg5bZEWJL5lqTDo0QJ0bugQfRnEEZeaV6CCFu8KxwCMBOPn4hBR5QwOwgN8c5VNZCSy9Qmg1CCwuLZpW134XeWAELVCvKrlsviEhT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1070820b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-includes/js/jquery/jquery.min.js

104.21.93.97

200 OK

0 B

URL HTTP/2
zenitdent.com/wp-includes/js/jquery/jquery.min.js
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:26 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Wed, 02 Nov 2022 12:22:13 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpyuLIXFZxcq5Q9BF%2BEY6SR55wpZSTv7%2Ff%2FT1QPRHNNdybI3JlSAVKOl7QdVb3imOvBH%2Bk4Y7XLKAgpYEoUxqoHkPdNdGPz070NfQzGzJPflKcLbRDE3hy%2BB1PkTnsyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114e803b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0

104.21.93.97

200 OK

0 B

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:29 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YS8KY8nhw8l5m2Ct6fDCgB4ThxPy%2FNA1ZriWqevInP8VQnD5kbajiOHSwu3sJhcecmdgwe4CDaarlvIuj9Ok6D%2FMpx4tP34yjp3W1vpg4EjlellGXzAZ6qShaV5WEtx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1201cd3b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js

104.21.93.97

200 OK

0 B

URL HTTP/2
zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP
104.21.93.97:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:39 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az46Msw8%2BLvPNCJWbyCh1qeXX1oFp%2B5OYuPY1BXOtCeWpKvEWYoKoBLGtH1gvXY1LyJkeRS%2Fk5Onmx3GwvkoOqv5uYg%2FOOWmsva8Hr4cMo8NdXOBkN2pmhrgeTo1xKBJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b7f41b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations