zenitdent.com/ceum/index.php?APETMRO=6
104.21.93.97301 Moved Permanently 0 B URL HTTP/1.1 zenitdent.com/ceum/index.php?APETMRO=6
IP 104.21.93.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /ceum/index.php?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Dec 2022 08:48:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Dec 2022 09:48:23 GMT
Location: https://zenitdent.com/ceum/index.php?APETMRO=6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJaPwxZAEhE1gb7aBUNxpboDqjN75ZDcis4VAFejFvygB6f%2FaJDZoegmecXLawlp27H90Rx7bev5vNO9OSmNNHKVVKPpBbNGqhKTdssbjyW4N9sAPVIz6qOE8j2ZH49B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77bee1010847b50b-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4cbb89840b57466fcbc0b31305c9dc47
c2c08a7a243a3f7972e8068c448488cac6d2519f
5f871ffd142470f132fed1c93f5f1a7fe6a5ecc3b4311d3d47555fce1d9a35f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F871FFD142470F132FED1C93F5F1A7FE6A5ECC3B4311D3D47555FCE1D9A35F1"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6234
Expires: Mon, 19 Dec 2022 10:32:17 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2039a1dda99e075b82840608771d2326
e89713a35b312f3b87fbeaad98f03fddecbf77ce
aae78c754635e9833fa6c231d775bddc82add02f9ce3197a0b260a0806e708c3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AAE78C754635E9833FA6C231D775BDDC82ADD02F9CE3197A0B260A0806E708C3"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14865
Expires: Mon, 19 Dec 2022 12:56:08 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 19 Dec 2022 08:34:22 GMT
content-type: application/json
age: 841
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5055
Expires: Mon, 19 Dec 2022 10:12:38 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bOl+EyFBHm82/mHg7wtTyMGAigVLFVeBdsWY0iweThcZ4B9owgOmEr0ARZdY1pjpSkjc9aZHZSU=
x-amz-request-id: 2RG4R9TQ1Q6SW6BT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 19 Dec 2022 07:54:28 GMT
age: 3235
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Dec 2022 08:48:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b79e7f72666fce5afaba47a698a1bac
470a139e4ca36370a09ae1f8bde9abed9e811f5e
91f37a918de30b46e28e125ff750d587e120adbd7011a154e76525db9f35588f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91F37A918DE30B46E28E125FF750D587E120ADBD7011A154E76525DB9F35588F"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21568
Expires: Mon, 19 Dec 2022 14:47:51 GMT
Date: Mon, 19 Dec 2022 08:48:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 19 Dec 2022 08:08:01 GMT
age: 2422
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 927
Cache-Control: max-age=88434
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:24 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 09:22:18 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1b79e7f72666fce5afaba47a698a1bac
470a139e4ca36370a09ae1f8bde9abed9e811f5e
91f37a918de30b46e28e125ff750d587e120adbd7011a154e76525db9f35588f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "91F37A918DE30B46E28E125FF750D587E120ADBD7011A154E76525DB9F35588F"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Mon, 19 Dec 2022 14:47:51 GMT
Date: Mon, 19 Dec 2022 08:48:24 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.190.173101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.190.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SiJyiH6wKkbCPUT8pKKgXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GSCKxaEm3+OaCNCoQrPLhx35k+0=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b52a05c34a7c3eaee8f5c1f73954364c
89c5023a0c43860efd362d0d2751a0ea9a204f54
94de3b3351ec8035986be412843212eebe4a3c9d6521b2a0c922870d5365adb8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94DE3B3351EC8035986BE412843212EEBE4A3C9D6521B2A0C922870D5365ADB8"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6766
Expires: Mon, 19 Dec 2022 10:41:11 GMT
Date: Mon, 19 Dec 2022 08:48:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e0773ba795a9e9a70038c6d8c64ebfa2
3d1db768017331da152d0df6cf5bc6ea6c813b83
46c25962e3bad9785a77bd8f51021460bcf44e9907c725c38329b6dadf560a44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1283f05-ca54-470d-bbc4-9b6d4386b138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8722
x-amzn-requestid: 88a7ab87-3bee-429d-9d3d-8969f6908c65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKGGkH2UIAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a5090-072ab9b341d4c00622492ee8;Sampled=0
x-amzn-remapped-date: Wed, 14 Dec 2022 22:39:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lpuH1nfNTFrtEUzxSDBEtunOkPU7Y5cP5PSVlJQ43YkRBrRX4OukPg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:38:25 GMT
age: 40200
etag: "3d1db768017331da152d0df6cf5bc6ea6c813b83"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6c714628a486b8d09101fe1115b4a25
a859bec81457e5b3511fb7612b65bcd4be790f21
41586527c64614c69c2833d2eb9a0e5e03906388a39ae16443b45dd6885329af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47778af6-2d49-4ee8-b5bf-2e8c1140cce5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9058
x-amzn-requestid: 30f541b7-557c-45c6-a639-596ec624d6b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dVJtzFJPIAMFaow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639ebcbe-221f45c41cc4ac943f78ce6c;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 07:09:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: f_sUIMBle-AT5Od_IJdlhNc1razIfG8LYIi1tEsIyWtMRBs063gjwQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 07:18:00 GMT
age: 5425
etag: "a859bec81457e5b3511fb7612b65bcd4be790f21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 71e9a308430eff340bb55c56b64fcc63
63d49b26322a1dca8ed669c1abafc27ee7f7c4b2
e3c8917124f2d13de6d1c0a1f1539f035abef31bbbf2246e77db44d9a3e29b61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbedc7d70-00c3-409b-9b46-11cbe9909f2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12161
x-amzn-requestid: 6ad8283c-3d3d-41f0-ada7-1b0d20568aa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dXIZIGZFIAMFubg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639f876d-0bc6f28d582f63b35a494472;Sampled=0
x-amzn-remapped-date: Sun, 18 Dec 2022 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gJgluMuS-cEZnEk8LNtVJk02T883tD8OZJy4BftXFGhJ6tHeLGrcqw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:37:59 GMT
age: 40226
etag: "63d49b26322a1dca8ed669c1abafc27ee7f7c4b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8576327b06d5d8259e87bfeb71761ff5
2b2e5694e77b30f2e2cdfddd8ad616be214c9df2
377ffbcb85710900d97b1d99522a8087a6c66bcb778be42da806283cae833715
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4e12be4-4d3a-4c89-acc3-9f2634b84373.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5654
x-amzn-requestid: b9f6e88a-f07b-4c6c-b823-9b9e928274ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKtB8Eb5oAMF3gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a8ed9-3c8888ca41c995d67a09fa50;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 03:04:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FaoiV9Jr3-1aqI-rVbXAYEMTsG_cjqVxmr0di-CbJaQBwIbb6BRg6A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Dec 2022 06:05:02 GMT
age: 9803
etag: "2b2e5694e77b30f2e2cdfddd8ad616be214c9df2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43c9ed63c9760a5b3826550e59a96f43
912a87f2df4a93717a3817bb9c9bf0071b2fce7e
5e75e2e9bbc0d3e992f72257923c97ff8d037fcbf5ccf092e100ae26af2b2d89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F956cf952-1c2d-4c51-b322-8a251d3893bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4362
x-amzn-requestid: e88d6aea-c8f7-45e5-9f10-07bc6efb4b9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dObYsEa1IAMFa_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c0c37-1f4852530ab1b5b73a088601;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 06:12:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QIK3QHtic45T4AGzPHbGnLqJ41ynolJ48u3_-xk_BJ75_OJbCXt2NQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:52:39 GMT
age: 39346
etag: "912a87f2df4a93717a3817bb9c9bf0071b2fce7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d9d95001bfc942895a41fb4bbd50c56
67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9
042c3809a802ef44ff6de8a270194cdf69cc3ba9d8f5192110dda7829d2d52d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61dd0e23-c172-4f68-b254-9fd26e2782f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5710
x-amzn-requestid: 9e587daa-7632-4765-a8c5-6cea13058bac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dNQQJEp6IAMF1Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639b9400-63c04fa4691c32f914301a3d;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 21:39:12 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cRZhQNysDphRjUTZ7bCgTbwlYYVWgXvMMmPJSv6RysKbK0bWOY1cpA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Dec 2022 21:53:55 GMT
age: 39270
etag: "67e1f40fbf45d7f32e4bd05f7c9e71f352483fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff
104.21.93.97200 OK 90 kB URL HTTP/2 zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff
IP 104.21.93.97:0
File type Web Open Font Format, TrueType, length 90060, version 331.-31261\012- data
Hash 099a9556e1a63ece24f8a99859c94c7d
5f8cab91347c553c1eb87f9b527f6bee8a28e40d
aff76e5c986f295d4bc6f8142a78e2a31888b101c2d025db89f79c75f64fd90b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:26 GMT
content-type: font/woff
content-length: 90060
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Sat, 10 Dec 2022 10:00:34 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7etzLvaFSbaQ0YS2jVQlI7oCIARSc4IcFH0UpO0F4nJ5whHTuMCNK%2FDPaXVOaa6sRX6waxURiDI6f6auq%2FinwG8igENO05sZxgicOPk7fD79iQkNNl%2FWm%2BqF9ovFKR5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114dffab50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-248919276-3
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-248919276-3
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 827edb0ebb514dbe6f468ceba71ca4f5
b27690d47507f241cd347887688e2c099d25f279
b4113a0ebaab5cc74f102d21773e91bbe04ea632cc206f7140b64f5cc9674e48
GET /gtag/js?id=UA-248919276-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Dec 2022 08:48:26 GMT
expires: Mon, 19 Dec 2022 08:48:26 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d62c4eea8ea4b9e5545fc952781c3b1d
47ca338b2d6be9d8a22c052d0838bce364463dce
75f6054477e9c699a1ee189cc77b20c5696ec306db93af0396a98b3b5b49bbc4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 19 Dec 2022 08:41:08 GMT
expires: Mon, 19 Dec 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 439
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-KTKHDTN9XH>m=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-KTKHDTN9XH>m=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-KTKHDTN9XH>m=2oebu0&_p=1313286853&gdid=dZTNiMT&cid=2138405285.1671439707&ul=en-us&sr=1280x1024&_s=1&sid=1671439706&sct=1&seg=0&dl=https%3A%2F%2Fzenitdent.com%2Fceum%2F%3FAPETMRO%3D6&dt=Sayfa%20bulunamad%C4%B1%20%E2%80%93%20Zenit%20Dent&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://zenitdent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://zenitdent.com
date: Mon, 19 Dec 2022 08:48:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
104.21.93.97200 OK 457 kB URL HTTP/2 zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
IP 104.21.93.97:0
File type ASCII text, with very long lines (41476)
Size 457 kB (456574 bytes)
Hash c894ce7bcb52465a73f169beb0b73662
1aca74571d9b0fa0fc4206e75168110a1ee4c35f
a075c553ff82495060e6178a3c48c46e608fbe59a370f16644cd480fba559733
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 15 Dec 2022 00:36:02 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DucgtHGnDnANCwkqSP%2Fvi3DLEZ12FJYuQgIsNWI6PCXNvULfcbvSgxJ1hW%2Fj%2Bk1PRwaAqqbo1HUm0lElowc8WdhNWKaULaeoLjeumrWcuudtgdaoC5Fbp1BpfzAnIlRA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1175ab5b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
104.21.93.97200 OK 337 kB URL HTTP/2 zenitdent.com/wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6
IP 104.21.93.97:0
File type ASCII text, with very long lines (41496)
Size 337 kB (337399 bytes)
Hash b21cbf7dd3f3044679972ddca0537302
4478feb0a0fbe9137cafd6f23e4bf076904cad89
a2cb6936522d318055f65e136689d21a5687a90463dba875c5a8f550484cc4f5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/a7a5977c535a5ac96302095e21cf3591.js?ver=c63b6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
cf-bgj: minify
cf-polished: origSize=1185888
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 15 Dec 2022 00:36:02 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EkKzgFFj9wKozpzrNSFeee5NsGGVT57CTtBAdf7Jb3mJ74UjCwv4G1QbwNBT1nHg2pIdb37cMZ6hzcZl%2FQNY%2Fn1g%2By38ZMoP4WlHHwjv2H8hKAS58CTiLHX5pZkw4OR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11d594fb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff
104.21.93.97200 OK 14 kB URL HTTP/2 zenitdent.com/wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff
IP 104.21.93.97:0
File type Web Open Font Format, TrueType, length 14260, version 1.1\012- data
Hash ec2f4fc2a525caa50d72c4b2dab4fce7
26a78790d5ee9f766fdeb01fa09c7402a3cdb573
47b779629625cd04fd24280dce272dd05b1f05cb51c4cd9ac59907c296697afb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/mulish-v12-latin-500-1.woff HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: font/woff
content-length: 14260
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Thu, 27 Oct 2022 07:01:28 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhfD5Ux6Y%2FP9t56HVUDHdzLdbx9fKAgry6c1VTAuhA4LKMPTCSB%2Fj3PZPEfUb82XU0W4VHduXzexZxz6jknrAE%2FKFPRCah8eus4WQ9twOWg9yj23QHODO8rOjBY2QAnV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e5a87b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/ceum/?APETMRO=6
104.21.93.97404 Not Found 86 kB URL HTTP/2 zenitdent.com/ceum/?APETMRO=6
IP 104.21.93.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10755)
Hash 5d2ea84546803bb34a9467352a79f3bf
b0821d0687895803385356df6008fe3b1b81aeca
7d3b13ea228e4ee891d655f5e8d6dbf0bb24d56ddaeede7f6d360ce69a392848
Analyzer Verdict Alert fortinet Malware
GET /ceum/?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zenitdent.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 7ab_HTTP.404,7ab_404,7ab_URL.326c9cc518b68c60f1f844db0948990a,7ab_,7ab_UCSS.3460e3d3096115163be76d02de205402,7ab_MIN.d4a7771d8223e4da1f3053ad09288e5b.css,7ab_MIN.a7a5977c535a5ac96302095e21cf3591.js
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CLDxusgsusyQ9rgcKnlYzyOOmZeZOajrJdRD9S2pQqohz2%2Fh1IEgNRHyMPW6q3oPQgVPZBOSO1sEZwSy6rj90mSvHDpaplp%2Bm2vMxtdRlmynoAH4kG4jUpNNmh5jZtcH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114dff9b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
104.21.93.97200 OK 77 kB URL HTTP/2 zenitdent.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 104.21.93.97:0
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://zenitdent.com/wp-content/litespeed/css/d4a7771d8223e4da1f3053ad09288e5b.css?ver=c63b6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: font/woff2
content-length: 76764
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Sat, 10 Dec 2022 10:00:34 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQYtPzeccuijA2Lyn%2BRHEW%2BqI0hunA3zGl8eo6ydnhW8AS2tpz2s2zfYT%2FWR8coRx5bsIZYb%2F4nPdLLa%2BPQ68yRfn8pUu16%2FDEt%2FhwtMYfDzpQnxUH1U8JvYMWqR8SY2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e6a94b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zenitdent.com/wp-includes/js/jquery/jquery.min.js
104.21.93.97200 OK 48 kB URL HTTP/2 zenitdent.com/wp-includes/js/jquery/jquery.min.js
IP 104.21.93.97:0
File type ASCII text, with very long lines (65447)
Hash 644e74d99f815a6204a64cab5c49a819
dfca4b7fe3d3cbc7193cb69736cbef52acaa4647
33f3e3919d1f850c02cdbbe2833b6e655fcf267979dec8a33c68f29fc83729a7
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Wed, 02 Nov 2022 12:22:13 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X6GW%2FYKq%2FEGGb3fFe77YshcIk9nbauGSOS6QeMTcu63qi2InnEcS6jQPauL0kkO%2F6TF%2Bpj%2Bx9p8SpXOiOV9gWQV2mnt%2BbG0aYclQUD%2FQkYXkZaIT4FnbpPkE9UK8azBS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11d1907b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
104.21.93.97200 OK 4.3 kB URL HTTP/2 zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 104.21.93.97:0
File type ASCII text, with very long lines (3262)
Hash ef4f856319c2626b242b2ad005f6380d
b690390b8dd7260584f3e3442d07cf12d99674e2
027c4d46bdf3fa5022b8646771fd511f2be67d47e27494d7d7f8a0b827f85dc9
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Tue, 20 Sep 2022 14:03:00 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3w7P1RsGlQcZE%2BOKOxshWUKMuhvnVk2imE5u6Rr9f6Es4HZrh5tCpt%2FR5PZe4DmPb9M%2F1iIYX0BB2fPAcFNmH4D%2Fryl2YfwEWBO%2BwOjUVv706JjiDYLDvYbFKvKTt0yY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b5f22b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
142.250.74.35200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11800, version 1.0\012- data
Hash e36fccd06262bef92e7a9841e2202225
b907dd02819497b3942220e0aa160c167195506b
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11800
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 242116
last-modified: Wed, 11 May 2022 19:25:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14552, version 1.0\012- data
Hash d8d78c8d074b3e3ee4232d269932f9a2
10f9e448571b8095b380bb2ea019cfc68fb27a9b
8a539799d12e3a144273288055490f57e1eee84da7a9145f085bc522e80719c3
GET /s/marcellus/v13/wEO_EBrOk8hQLDvIAF81VvoK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://zenitdent.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Dec 2022 22:27:03 GMT
expires: Wed, 13 Dec 2023 22:27:03 GMT
cache-control: public, max-age=31536000
age: 469285
last-modified: Tue, 26 Apr 2022 16:36:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Dec 2022 08:48:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
zenitdent.com/wp-content/uploads/2022/10/zenitdent.webp
104.21.93.97200 OK 3.1 kB URL HTTP/2 zenitdent.com/wp-content/uploads/2022/10/zenitdent.webp
IP 104.21.93.97:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash a307b453aac7ac9e8fb2718e77158965
0c71770d84e0af344046be0404be172b6f0d31f0
e0cb3624575a8deedd928fe0b05c1f36d71a1c867daea197ddc43dd32df8a43d
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/zenitdent.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 3068
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Wed, 26 Oct 2022 12:25:01 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w%2BcXwskW65hDnQiafVac5JSK8aHd8RCezunfyzoPnZCDa8BMIAcpRZAub8nrcllT9kN%2BOsWLkL29tf4hOGOzvn1bZG2NTPvQe51Jd2XtgzUyMYtYP%2Fs%2Bk1slUzqQOGV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e9ac0b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/uploads/2022/10/cagri-merkezi-1.webp
104.21.93.97200 OK 88 kB URL HTTP/2 zenitdent.com/wp-content/uploads/2022/10/cagri-merkezi-1.webp
IP 104.21.93.97:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0c22f0e90d3e55167054a09d69ed6648
11c1962bc7af2ec5b5e2f3735b970ca630ac5049
797bef876c42ef71b55250d13f51b04d9a6adf9b690d4146055437ccb26e0c71
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/cagri-merkezi-1.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 87978
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Wed, 26 Oct 2022 14:31:40 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5dq10664GmaUv9SFCLdanlMo8OYcHXnBXOwigznfgN8muVOA1F4apcpzwPx5i6DwPkTJhBgc%2Fu7wJqZ%2Fwg4wcHVypiWfObdr%2FNBHtY4Aqm6LUUwKqv0MT3WClCbNrcgL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11e9ac3b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
104.21.93.97200 OK 82 kB URL HTTP/2 zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 104.21.93.97:0
File type ASCII text, with very long lines (10544)
Hash 6612f906b8b38340f04732320bbd9991
0d55dfae4a2120537b688cee7762785fe2eea331
f8af1af3d6071fd1f1a2ec372c53f080f49f9a8741384f8e7db105f476859aa6
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:29 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bq6Mqgw%2BkCRsc3%2F8XvqhDqI8Lqh1oNuG%2B9%2BvMqvb6ZMZSSBVP1QE4xpCE9d79jed3JZXluQmuguCmyAWL3kMvn%2B7uzULDvreLw6Cxypvn9izCoxl%2BjtH2W7bEoqo%2BcZt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b4f13b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
104.21.93.97200 OK 80 kB URL HTTP/2 zenitdent.com/wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js
IP 104.21.93.97:0
File type ASCII text, with very long lines (3262)
Hash 7b28d671584003496d01399eb5cb5627
c6974955fc0b4db2d16b0cf6cd5a6137c7bafcdd
594a2e3f8a2b7bd7a7b34ad95ee5eeec33d03d4c40ae44e77af33ad038b3428a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor-pro/assets/js/nav-menu.3de49ba5ef86f9a22ff5.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Tue, 20 Sep 2022 14:03:00 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtTtM1uKmoRTO2Qpw5a87S0BnDqVJtTOOet%2B6FhX14qHK1l249nhmC%2BbZpUllKl0MnYFrSWzcWQhrW%2F93JDLnW21p7wz6CxPH2XU9ntNVqtqw3Ox8RywlR5sYdPBtX79"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1204d11b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b
104.21.93.97200 OK 20 kB URL HTTP/2 zenitdent.com/wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b
IP 104.21.93.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5dd127614d0628f0743a5ea2d3f8ed46
8a867e335df1c9fb800a29627e0cef59382013ab
f2290c81a041121944422ac65da7da526a251cd80acd64685b2b0463eda314a1
GET /wp-admin/admin-ajax.php?action=quform_support_page_caching&forms%5B%5D=205f7b HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/json; charset=UTF-8
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gC80k0Yd%2FIItaoz5xQOPVCBRXVCyxihFfHut75ZpcMA6wK8CHyS%2BZuUWmwiDlXBKKxZSLSRiAoHZ%2BgMzGq8lU5H%2FaZz%2BNLVcQJy07szB6WvPAMn%2BvFGHsqPWILxwkDzg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11fac4db50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp
104.21.93.97200 OK 26 kB URL HTTP/2 zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp
IP 104.21.93.97:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e729b35d03e14cc6040e631a9478e792
933123f6b0d01ddd9149262305ad4b8a582ef9e9
3989629ec1fe378314ee103762dbc80b7483536692000062d7028d087181d8ac
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/zenitdent-favicon-300x300.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: image/webp
content-length: 25908
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:27 GMT
last-modified: Thu, 27 Oct 2022 06:12:50 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgL3MOz1Gwi%2F43rNcqhQdfVnhakRlpU7zwkUJVQrwm3FMDigJ4sHcaWl9wA24udDXNhDbSI6nhqZFjv%2FQUau5yxzTnBW7JfWgPm%2B1ZdV4%2F0XZ1ofZyS34tMDc%2BW9lSza"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1227862b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp
104.21.93.97200 OK 9.5 kB URL HTTP/2 zenitdent.com/wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp
IP 104.21.93.97:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash c3f75f113ea12280ccfcae2652f0ca1b
391eff6bd0f9fbdd63b139bb59298e06d9d32567
b42dca1b32134a7814efad81204ac2116b0b011f86ffe2543f8e8d949158b25a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/uploads/2022/10/zenitdent-favicon-150x150.webp HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:29 GMT
content-type: image/webp
content-length: 9516
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:27 GMT
last-modified: Thu, 27 Oct 2022 06:12:51 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLEJBxgU7Q1Y09GclmCJRBGuYRgZdAcK0L1FhoDDieTLQy5empEwZ3MZK%2B%2FbQo3q7aBSZeYrvasB7FF1drmdkA3xhD%2FtPjD2ZL9j%2BJd2BltiAyMXvd%2FCSxxPKyRnOhKb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1227866b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/ceum/index.php?APETMRO=6
104.21.93.97301 Moved Permanently 0 B URL HTTP/2 zenitdent.com/ceum/index.php?APETMRO=6
IP 104.21.93.97:0
Analyzer Verdict Alert fortinet Malware
GET /ceum/index.php?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Mon, 19 Dec 2022 08:48:24 GMT
content-type: text/html; charset=UTF-8
location: https://zenitdent.com/ceum/?APETMRO=6
set-cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; path=/; secure; httponly; samesite=None
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-litespeed-cache: miss
vary: User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzVJvOXccFKivhow%2FTKax1ftFATRpg0v8HSOgA%2BDCc%2FJZp2jgOK23zcPyqVqPTLL3Nopor9b92Jq2Bhb6jQZUBRDmZz3wrETxKuTPgGfJNL6wXrmuJWdbANrp7ZsfqOx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee103cc13b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/ceum/?APETMRO=6
104.21.93.97404 Not Found 0 B URL HTTP/2 zenitdent.com/ceum/?APETMRO=6
IP 104.21.93.97:0
Analyzer Verdict Alert fortinet Malware
GET /ceum/?APETMRO=6 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 404 Not Found
date: Mon, 19 Dec 2022 08:48:25 GMT
content-type: text/html; charset=UTF-8
x-dns-prefetch-control: on
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://zenitdent.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 7ab_HTTP.404,7ab_404,7ab_URL.326c9cc518b68c60f1f844db0948990a,7ab_guest,7ab_,7ab_UCSS.7befda9636ba492231eff827c679fbce,7ab_MIN.d4a7771d8223e4da1f3053ad09288e5b.css,7ab_MIN.a7a5977c535a5ac96302095e21cf3591.js
x-litespeed-cache: miss
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1hNr0XpInB1RpFZww6Khc5dnPZJg5bZEWJL5lqTDo0QJ0bugQfRnEEZeaV6CCFu8KxwCMBOPn4hBR5QwOwgN8c5VNZCSy9Qmg1CCwuLZpW134XeWAELVCvKrlsviEhT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1070820b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-includes/js/jquery/jquery.min.js
104.21.93.97200 OK 0 B URL HTTP/2 zenitdent.com/wp-includes/js/jquery/jquery.min.js
IP 104.21.93.97:0
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:26 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:25 GMT
last-modified: Wed, 02 Nov 2022 12:22:13 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpyuLIXFZxcq5Q9BF%2BEY6SR55wpZSTv7%2Ff%2FT1QPRHNNdybI3JlSAVKOl7QdVb3imOvBH%2Bk4Y7XLKAgpYEoUxqoHkPdNdGPz070NfQzGzJPflKcLbRDE3hy%2BB1PkTnsyO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee114e803b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
104.21.93.97200 OK 0 B URL HTTP/2 zenitdent.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
IP 104.21.93.97:0
GET /wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0 HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.1.1671439707.0.0.0; _ga=GA1.1.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:28 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:29 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: HIT
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6YS8KY8nhw8l5m2Ct6fDCgB4ThxPy%2FNA1ZriWqevInP8VQnD5kbajiOHSwu3sJhcecmdgwe4CDaarlvIuj9Ok6D%2FMpx4tP34yjp3W1vpg4EjlellGXzAZ6qShaV5WEtx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee1201cd3b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
104.21.93.97200 OK 0 B URL HTTP/2 zenitdent.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 104.21.93.97:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: zenitdent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zenitdent.com/ceum/?APETMRO=6
Cookie: quform_session_9cbfc7b125de7b52c1b29b77b8f0fdac=oZKmgyWmiohHW78F2NXeUSLs8mDG443lZIGmj11x; _lscache_vary=fd603e2f6e31ef659c78e9372eb08101; pll_language=tr; _ga_KTKHDTN9XH=GS1.1.1671439706.1.0.1671439706.0.0.0; _ga=GA1.2.2138405285.1671439707; _gid=GA1.2.527032592.1671439707; _gat_gtag_UA_248919276_3=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Dec 2022 08:48:27 GMT
content-type: application/javascript
cache-control: public, max-age=31557600
expires: Tue, 19 Dec 2023 14:48:26 GMT
last-modified: Sat, 10 Dec 2022 10:00:39 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az46Msw8%2BLvPNCJWbyCh1qeXX1oFp%2B5OYuPY1BXOtCeWpKvEWYoKoBLGtH1gvXY1LyJkeRS%2Fk5Onmx3GwvkoOqv5uYg%2FOOWmsva8Hr4cMo8NdXOBkN2pmhrgeTo1xKBJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77bee11b7f41b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2