igmg.site/
51.195.6.66301 Moved Permanently 162 B IP 51.195.6.66:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 09 Dec 2022 08:01:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://igmg.site/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12192
Expires: Fri, 09 Dec 2022 11:25:07 GMT
Date: Fri, 09 Dec 2022 08:01:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9786
Expires: Fri, 09 Dec 2022 10:45:01 GMT
Date: Fri, 09 Dec 2022 08:01:55 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 07:08:18 GMT
content-type: application/json
age: 3217
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9469
Expires: Fri, 09 Dec 2022 10:39:44 GMT
Date: Fri, 09 Dec 2022 08:01:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: f/6xYDtPpSnpbCNJHX9xSar9Lc1NnVrwTDEXjxTdCDVmkRW4QVslWG8uVNPAUzGWEV0atwGN6XQ=
x-amz-request-id: XQVHZCWT18ZRSF5J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 07:48:15 GMT
age: 820
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:55 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 04619724c447d623a3856f9b0939c5d2
6747c3e96d9a7c38daccdcf2fb6ab9ac8c619268
b6d6f6cd885af35133c81ae48e82def50b7c216c1585aa9cf8043359b6a9cbbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B6D6F6CD885AF35133C81AE48E82DEF50B7C216C1585AA9CF8043359B6A9CBBD"
Last-Modified: Wed, 07 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21514
Expires: Fri, 09 Dec 2022 14:00:29 GMT
Date: Fri, 09 Dec 2022 08:01:55 GMT
Connection: keep-alive
igmg.site/system
51.195.6.66301 Moved Permanently 233 B IP 51.195.6.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 84565f4bd848790acc0d97cbfad343dc
d5d36eac47d960d695b06ab6bbdda0350729c3f6
faa4c981c4c96a0ec17ad1a519c05efdafae7e67fe7205681d3fb53565d91a9c
Analyzer Verdict Alert fortinet Malware
GET /system HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Fri, 09 Dec 2022 08:01:55 GMT
content-type: text/html; charset=iso-8859-1
content-length: 233
location: https://igmg.site/system/
x-cache-status: MISS
x-powered-by: PleskLin
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 07:07:55 GMT
age: 3240
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css
104.17.25.14200 OK 1.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/dropzone/5.4.0/dropzone.css
IP 104.17.25.14:0
Hash 593403dc4ce9adcdf7d8b44f18513be3
ab9859e2e1e1440884c15e707e9c2eb655c60711
8dfffecd68c0f0dec371039f73aeb8d4d8551e350b42cca7da50e2d7df142263
GET /ajax/libs/dropzone/5.4.0/dropzone.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css; charset=utf-8
content-length: 1464
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e3e-312b"
last-modified: Mon, 04 May 2020 16:09:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 120584
expires: Wed, 29 Nov 2023 08:01:56 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iANvtMKpeT%2FBmqyiyL6lgphgrmw0p8A2RSq1SDlxp%2BWlCyOc8WBe%2B1wW1pjn19q%2B3xLzsCrMAsdLaYqpGZFiXIwYloMYWit4uPMw%2FAyX9lnWyaxYBw9zQUOLAXM8sUvuM8SwAua4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776c3735dceeb51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5374
Cache-Control: max-age=95670
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:56 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:36:26 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4604
Cache-Control: max-age=105700
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:56 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 13:23:36 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
igmg.site/system/assets/js/js.cookie.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/js.cookie.min.js
IP 51.195.6.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/js.cookie.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "0-5df4b45069287"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.sparkline.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.sparkline.min.js
IP 51.195.6.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.sparkline.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
content-length: 0
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "0-5df4b450682e7"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program5.png?r=409405202
51.195.6.66200 OK 34 kB URL HTTP/2 igmg.site/system/images/program5.png?r=409405202
IP 51.195.6.66:0
File type PNG image data, 150 x 150, 8-bit/color RGB, non-interlaced\012- data
Hash 10df1fbe515007849e1dce800a69b332
3476224effecaa7c050cdebba17da09699e356c5
f914c7f0a5075be27429eae01730847ab78864d092d6e3cfdedcc9f08d95ea74
Analyzer Verdict Alert fortinet Malware
GET /system/images/program5.png?r=409405202 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 34008
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-84d8"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/iros_amblem.png?r=1574231162
51.195.6.66200 OK 4.3 kB URL HTTP/2 igmg.site/system/images/iros_amblem.png?r=1574231162
IP 51.195.6.66:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash e06152b0921f030754d80520b1a27237
8ab440c4bbce55cf374773017051a4defec1739b
1aa1d9de13ca429b7affd44fffe6709e3885a1cf962a9878e7abcfb40da026b1
Analyzer Verdict Alert fortinet Malware
GET /system/images/iros_amblem.png?r=1574231162 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 4281
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-10b9"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program7.png?r=661075204
51.195.6.66200 OK 17 kB URL HTTP/2 igmg.site/system/images/program7.png?r=661075204
IP 51.195.6.66:0
File type PNG image data, 143 x 132, 8-bit/color RGB, non-interlaced\012- data
Hash eeb2d5fe356d71a3128c903cb041b306
a9b1c3099a347e38a886a075a6a75737631c9667
314f0cf28a9f6341b3c47f96c0ecf06a7c929b495b502907a987afed8fa7feed
Analyzer Verdict Alert fortinet Malware
GET /system/images/program7.png?r=661075204 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 16669
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-411d"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program4.png?r=1002230582
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program4.png?r=1002230582
IP 51.195.6.66:0
File type PNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 7385f9e6996f26e048e0656af1a63b55
da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec
c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
Analyzer Verdict Alert fortinet Malware
GET /system/images/program4.png?r=1002230582 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-93b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program1.png?r=1700665251
51.195.6.66200 OK 3.9 kB URL HTTP/2 igmg.site/system/images/program1.png?r=1700665251
IP 51.195.6.66:0
File type PNG image data, 85 x 82, 8-bit/color RGBA, non-interlaced\012- data
Hash f546ddd9ea85f69f04b23bbcb9a6bbab
1e0f5dacbd43e2b6ceb0693ddc9ed5e4ff868928
96c507fd8ed7b25af04082722480424f2d88ad77144c65739ea5b259f7d97d71
Analyzer Verdict Alert fortinet Malware
GET /system/images/program1.png?r=1700665251 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 3922
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-f52"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program2.png?r=1006365281
51.195.6.66200 OK 2.7 kB URL HTTP/2 igmg.site/system/images/program2.png?r=1006365281
IP 51.195.6.66:0
File type PNG image data, 200 x 133, 8-bit colormap, non-interlaced\012- data
Hash 8a8445dbaf9c9daba257bd6142958234
7fbf1239846097347b75409cb833ec003e712965
e6ad65ffc98707290032a8b8a7711f732a47b130098f7df9e76d59171b06bb0f
Analyzer Verdict Alert fortinet Malware
GET /system/images/program2.png?r=1006365281 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 2699
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-a8b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program4.png?r=608856211
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program4.png?r=608856211
IP 51.195.6.66:0
File type PNG image data, 77 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 7385f9e6996f26e048e0656af1a63b55
da3e1b9166f1a8171a7b3b0ecdd0fcad8d7fe1ec
c4e1e74d6ad27c277320efec9e1bd55897e424be35b22abf1fcb5ef015984e79
Analyzer Verdict Alert fortinet Malware
GET /system/images/program4.png?r=608856211 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 2363
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-93b"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/images/program3.png?r=297436418
51.195.6.66200 OK 2.4 kB URL HTTP/2 igmg.site/system/images/program3.png?r=297436418
IP 51.195.6.66:0
File type PNG image data, 92 x 83, 8-bit/color RGBA, non-interlaced\012- data
Hash 00ac55dafb6bed7c22fa6f79e268bffa
e3a16f6fa4b23db5ac1567a7f7a25ee8b30176cd
2fd5cbee7816a3a0ac5863064f0e7836fc5f2e9e53174984139aaa02a108f31c
Analyzer Verdict Alert fortinet Malware
GET /system/images/program3.png?r=297436418 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 2358
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-936"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/js/quick-sidebar.min.js
51.195.6.66200 OK 1.1 kB URL HTTP/2 igmg.site/system/assets/js/quick-sidebar.min.js
IP 51.195.6.66:0
File type HTML document, ASCII text, with very long lines (2787), with no line terminators
Hash c40b1fad8e32fb1e2f1417870ea217fa
3484b61c582eae7691a9ceaf5385159088cf8f57
6e3ea6b8ac29f6970092c111ebb7b5bebd94709b808b1e058c18e04d1b39acd6
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/quick-sidebar.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ae3"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ttt1/wBV5Suueoev0Qsntg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MWS7WQN2P3s6BMEq2dNqiDrFryE=
igmg.site/system/assets/js/jquery.easypiechart.min.js
51.195.6.66200 OK 9.3 kB URL HTTP/2 igmg.site/system/assets/js/jquery.easypiechart.min.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (3695)
Hash 529a415c4a7eafa3949625bf5fab3ad4
52def9b57f69a2490de1a66251923ac3324ea3cb
5003caaa71caebea415e70488c2dd7c0a543307b4cda43bf1410510a84549bda
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.easypiechart.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-f4e"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx@0.18.5/dist/xlsx.full.min.js
104.16.126.175200 OK 292 kB URL HTTP/2 unpkg.com/xlsx@0.18.5/dist/xlsx.full.min.js
IP 104.16.126.175:0
Size 292 kB (292448 bytes)
Hash 01bd6375a3b408095c27530dce40af27
4dab9111a39dacc61e2aafb8ef1fde5182bf5840
e077ccda14d27881ac5c5208d54a1bdcd78d9142cfcd4bfc3b065453a850db30
GET /xlsx@0.18.5/dist/xlsx.full.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igmg.site/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"d743f-f3SfgaRaUyKRNsbB8dUNyxbdwjM"
via: 1.1 fly.io
fly-request-id: 01G754ETJDY0FY3YHJ5RCQMFCX-fra
cf-cache-status: HIT
age: 13616825
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c373628b3b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/tinymce/tinymce.min.js
51.195.6.66200 OK 144 kB URL HTTP/2 igmg.site/system/assets/tinymce/tinymce.min.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (32023)
Size 144 kB (144494 bytes)
Hash 90835f2c3a018c8338f3c232d6eb74dc
5b13e783d15d1de610dcca34a0ee0389c1c14599
2693eb634f6cbda30d63069c7d835ddc83dba522ff1b950ac246adf053dba07b
Analyzer Verdict Alert fortinet Malware
GET /system/assets/tinymce/tinymce.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-72a93"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/colorbox/jquery.colorbox-min.js
51.195.6.66200 OK 4.9 kB URL HTTP/2 igmg.site/system/assets/colorbox/jquery.colorbox-min.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (11887)
Hash 1f45558660b7277aa33a2cae99d99935
f6872b4d32b7441276f07e6e228f706abde5b83a
3a266a772a040fac53b659600f2c5ed4ceabdbdee72f7a7c041d6bd8acc67b7d
Analyzer Verdict Alert fortinet Malware
GET /system/assets/colorbox/jquery.colorbox-min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-2eb8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootbox.min.js
51.195.6.66200 OK 6.1 kB URL HTTP/2 igmg.site/system/assets/js/bootbox.min.js
IP 51.195.6.66:0
File type Unicode text, UTF-8 text, with very long lines (17381), with CRLF line terminators
Hash 8f455d08412d82a4fe2f001daed241c4
5a44ac3f72303f2155af935f1ada11bc6ab588bd
d76a04a479e3087cd5094fb6bd437647dbf482a1a5a31d0ec9aa7bbc76e54b0e
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootbox.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-4543"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igmg.site/system/assets/js/dashboard.min.js
51.195.6.66200 OK 51 kB URL HTTP/2 igmg.site/system/assets/js/dashboard.min.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (21261), with no line terminators
Hash 18788e897be59416ba477bcca52de9cb
7c247681d9f4f2dbfeeee1b62265765bbd46410f
274a9f8e64d9c7d4daae58f2daee139691e81d65677b05beb22b0f3aa8318f2e
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/dashboard.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-530d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.sampledata.js
51.195.6.66200 OK 32 kB URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.sampledata.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (2386), with no line terminators
Hash 30e295e6174a1b6c06b08267432366d9
64ca63936c161860ef8f68c2788724f097806a10
d675b1c67ee8086f8ed4b7debcd693e5a1740525f1be8d1fed67c538e6bd2e02
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.sampledata.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-952"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.js
51.195.6.66200 OK 67 kB URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.js
IP 51.195.6.66:0
Hash ecd254f5f711d8b15f3dc7e6d3d8a7d9
7066bb02318387ba54a8bd1f6180ba60c9029ddb
561afbaa4edd3e09ded9fafa7a8558d16052d22d209c5f565f17e9d81049bf2e
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-6ba2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/quick-nav.min.js
51.195.6.66200 OK 656 B URL HTTP/2 igmg.site/system/assets/js/quick-nav.min.js
IP 51.195.6.66:0
File type ASCII text, with very long lines (415), with no line terminators
Hash db37875a486bb6df83ac9eaada6589f6
68829988af19a076e3e474bfd10687b6baa726a9
e15e9c00970082c13a97201029f81f4814c5c958844e6addf7ffecffd078adb1
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/quick-nav.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"19f-5df4b45069a57"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 08:01:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
igmg.site/system/assets/js/additional-methods.min.js
51.195.6.66200 OK 5.4 kB URL HTTP/2 igmg.site/system/assets/js/additional-methods.min.js
IP 51.195.6.66:0
File type Unicode text, UTF-8 text, with very long lines (17065)
Hash 5ae50afab566506781030681b08bd441
9d7f9ac3f0ef0be0cc431c22366897d2293d861b
02cbfa29a0b8d18fb0b9b2686c69b13c2dbd33502b2efa96225caa73554ef15c
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/additional-methods.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-433a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13473
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 08:01:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13473
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 08:01:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13473
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 08:01:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13473
Expires: Fri, 09 Dec 2022 11:46:30 GMT
Date: Fri, 09 Dec 2022 08:01:57 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a22fc7807fb3337f0af5e546c7ad366a
0d5969394b370a5c77c53ed58f55e5f8a45da3ab
98b4f4fd27dc036697fb0328083bce6e691b7493428f3a54991087d9d1165d97
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49a0678c-8bda-434a-a337-63696994d79c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5530
x-amzn-requestid: adecbb8c-cec3-46a0-b32c-0026b8421fe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4d8Fg6IAMF61g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903abf-4bcb385f27cb438c36a2cd5e;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UDD0v-1I1sFVMsJl64nQDe_hHExMrSLXPrbou_J79YEQf3YwS2oklA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 06:50:54 GMT
age: 4263
etag: "0d5969394b370a5c77c53ed58f55e5f8a45da3ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 54053
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 15611
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 659b6eb1f1c430e2780758c7787b9a23
4792b0893827924e84cc51450012407717da4d2b
f14393b6bcc036fa9ed61114944ebb25192adfec72c09807eb7948a88c790d69
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f3c5738-c186-4a1f-a431-33143797bcd5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8345
x-amzn-requestid: 4e42c335-cc27-41bc-8d5c-cbe3dcc1f623
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwRBF_gIAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-254d38575d76726a4462c66f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Z2JMjvOva19O3uj7la6UmjCpwleEyo3y2IfRCp4qp5iuob0AYN9Mng==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:37:33 GMT
age: 69864
etag: "4792b0893827924e84cc51450012407717da4d2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 400d1465-ecbf-4d95-8aa8-4dce5dca0716
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctluwGo4oAMFhTg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee991-6dba29ae7065d5347a1a420d;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lazl-stakC-31gMuQ2WzH9uFkIb0g7HaaM3xkwSFdFJMWKTaKqrBEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 12:33:10 GMT
age: 70127
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34a9b9b25e57f612db5560cd05e44cce
433e295328d6c821a1df907c232bff4195e2860b
139dc677e5725c98a5d90d19b206a34a4c9f43ad87cf1d322881381e992bd5b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0d40ad-816d-4ea8-aef7-00a5af1b8c9b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 26914070-22ad-49fd-bacb-7842dcb203b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZPGd-oAMF5OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925907-5c62555a65327ff934ae232e;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gGT6ZP9a7ENOcyGNek_ac8WlyRoiYeB4KdqC2UHHlwLdWBQUhHsw7w==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 22:00:01 GMT
age: 36116
etag: "433e295328d6c821a1df907c232bff4195e2860b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/tr.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/select2/tr.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/select2/tr.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"305-5df4b4506a227"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/images/igmg_os_logo.png
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/images/igmg_os_logo.png
IP 51.195.6.66:0
GET /system/images/igmg_os_logo.png HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: image/png
content-length: 4912
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: "628516a9-1330"
x-cache-status: BYPASS
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.slimscroll.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.slimscroll.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.slimscroll.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1437"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootstrap-switch.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/bootstrap-switch.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootstrap-switch.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3a37"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/morris.css?1050508991
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/morris.css?1050508991
IP 51.195.6.66:0
GET /system/assets/css/morris.css?1050508991 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"1b0-5df4b450634c7"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/plugins.min.css?1709937059
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/plugins.min.css?1709937059
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/plugins.min.css?1709937059 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a4bb"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/dataTables.min.css?16607489
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/dataTables.min.css?16607489
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/dataTables.min.css?16607489 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-342b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/?act=js_translates
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/?act=js_translates
IP 51.195.6.66:0
GET /system/?act=js_translates HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cache-status: BYPASS
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/login.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/login.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/login.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-d1c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.waypoints.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.waypoints.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.waypoints.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1f6c"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.europe.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.europe.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.europe.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-17d75"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx/dist/shim.min.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/xlsx/dist/shim.min.js
IP 104.16.126.175:0
GET /xlsx/dist/shim.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/shim.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKTY489XP9C5KA27D7DJ860S-fra
cf-cache-status: HIT
age: 368
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c3735f874b505-OSL
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/pie.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/pie.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/pie.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-394d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx@0.18.5/dist/shim.min.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/xlsx@0.18.5/dist/shim.min.js
IP 104.16.126.175:0
GET /xlsx@0.18.5/dist/shim.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igmg.site/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"1613-Z7IllA0NQSPoxrSE6c9Sl7PgwjA"
via: 1.1 fly.io
fly-request-id: 01FYY5CX0AG90XNXEV43KMCVSJ-fra
cf-cache-status: HIT
age: 22440665
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c373628b0b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/select2.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/select2/select2.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/select2/select2.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1042e"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.2/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.2/css/all.css
IP 172.64.133.15:0
GET /releases/v5.7.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://igmg.site
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
x-amz-id-2: VMcFkOzgj0ozGftAT1Za1dh0ePyNq1DA6tl9Qlc+CynoqzXYVheJWUU2wp2tbcX1/JE9iX4Z5Lw=
x-amz-request-id: 1S09RXEQKRT49TNT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:57 GMT
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 622520
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fx0xXq%2BA90iDaMxDfV0935sSOa3P%2BwZRldZBQGOEA2lEl096SObr7%2FBnVlhoeZ5d9ZnhzvWxPHLJ5PmHWyZRIiRU3CJrMZ%2FEysUmE7E8sy0aT9Jh1e0T%2B7X3iuuVIdfUvHmvHqR%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776c37366f0888c2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/export.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/export.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/export.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-f3b9"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/pwstrength.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/pwstrength.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/pwstrength.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-9785"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/popper.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/popper.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/popper.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-52ce"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/select2.full.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/select2.full.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/select2.full.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-124fd"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/default.min.css?1336465478
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/default.min.css?1336465478
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/default.min.css?1336465478 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-5a7f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/jquery-ui.css?354731469
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/jquery-ui.css?354731469
IP 51.195.6.66:0
GET /system/assets/css/jquery-ui.css?354731469 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-91ce"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.world.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.world.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.world.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ecb8"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-17b8a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/dataloader.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/dataloader.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/dataloader.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1a8b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bootstrap.min.css?1278785754
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bootstrap.min.css?1278785754
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bootstrap.min.css?1278785754 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1cc99"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/main.min.css?830004031
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/main.min.css?830004031
IP 51.195.6.66:0
GET /system/assets/fullcalendar/lib/main.min.css?830004031 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-616b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/jqvmap.css?199395578
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/jqvmap.css?199395578
IP 51.195.6.66:0
GET /system/assets/css/jqvmap.css?199395578 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"38b-5df4b450634c7"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/blob.js@1.0.1/Blob.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/blob.js@1.0.1/Blob.js
IP 104.16.126.175:0
GET /blob.js@1.0.1/Blob.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2016 10:24:13 GMT
etag: W/"1800-jszKs+14oLm7MdJGCNbZkvu8ALE"
via: 1.1 fly.io
fly-request-id: 01F52A04572E1EZHSX8W8CQKRK
cf-cache-status: HIT
age: 18682604
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c3735e86ab505-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.validate.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.validate.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.validate.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-5262"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/login.min.css?1360882619
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/login.min.css?1360882619
IP 51.195.6.66:0
GET /system/assets/css/login.min.css?1360882619 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-e55"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/components.min.css?1598878952
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/components.min.css?1598878952
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/components.min.css?1598878952 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a0436"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/igmgfont.css?1526585910
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/igmgfont.css?1526585910
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/igmgfont.css?1526585910 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-6c5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/fullcalendar.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/fullcalendar.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/fullcalendar.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-180ab"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.blockui.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.blockui.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.blockui.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-2554"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/morris.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/morris.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/morris.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-8b44"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/simple-line-icons.min.css?1618917433
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/simple-line-icons.min.css?1618917433
IP 51.195.6.66:0
GET /system/assets/css/simple-line-icons.min.css?1618917433 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-256b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/file-saver@1.3.3/FileSaver.js
104.16.126.175200 OK 0 B URL HTTP/2 unpkg.com/file-saver@1.3.3/FileSaver.js
IP 104.16.126.175:0
GET /file-saver@1.3.3/FileSaver.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Wed, 05 Oct 2016 10:43:25 GMT
etag: W/"174d-ppV+tNTWNc2klmEzFicm/vyFuQM"
via: 1.1 fly.io
fly-request-id: 01GHZQ5V4V5ACDNY7SPCPWY9M9-fra
cf-cache-status: HIT
age: 1987367
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c3735e872b505-OSL
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/dropzone/dropzone.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/dropzone/dropzone.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/dropzone/dropzone.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-22feb"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/light.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/light.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/light.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-b62"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.categories.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.categories.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.categories.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-a26"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.germany.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.germany.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.germany.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-d893"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.usa.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.usa.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.usa.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ba04"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/layout.min.css?1797496141
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/layout.min.css?1797496141
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/layout.min.css?1797496141 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ec89"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/ekurs.css?38469790
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/ekurs.css?38469790
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/ekurs.css?38469790 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-62b5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery-ui.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery-ui.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery-ui.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3dee5"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/locales-all.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/locales-all.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/fullcalendar/lib/locales-all.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-47e2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.vmap.russia.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.vmap.russia.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.vmap.russia.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-267d3"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.dataTables.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.dataTables.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.dataTables.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-13ff2"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/fullcalendar/lib/main.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/fullcalendar/lib/main.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/fullcalendar/lib/main.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3c681"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/serial.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/serial.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/serial.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-c01f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/amcharts.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/amcharts.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/amcharts.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3314a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/layout.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/layout.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/layout.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-11c0"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/bootstrap.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/bootstrap.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/bootstrap.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-ea47"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/raphael-min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/raphael-min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/raphael-min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-16555"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/
51.195.6.66200 OK 0 B IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/ HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://igmg.site/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:55 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a; expires=Sun, 19-Mar-2023 08:01:55 GMT; Max-Age=8640000; path=/
x-cache-status: MISS
x-powered-by: PHP/7.4.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/colorbox.css?1534374170
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/colorbox.css?1534374170
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/colorbox.css?1534374170 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-114f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,600,700&subset=all
IP 142.250.74.74:0
GET /css?family=Open+Sans:400,300,600,700&subset=all HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 08:01:56 GMT
date: Fri, 09 Dec 2022 08:01:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
igmg.site/system/assets/js/ekurs.js?1895958112
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/ekurs.js?1895958112
IP 51.195.6.66:0
GET /system/assets/js/ekurs.js?1895958112 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 00:25:07 GMT
etag: W/"63855163-63d9"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.counterup.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.counterup.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.counterup.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-42d"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-cee6"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/daterangepicker.min.css?1364579565
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/daterangepicker.min.css?1364579565
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/daterangepicker.min.css?1364579565 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-15ea"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/xlsx/dist/xlsx.full.min.js
104.16.126.175302 Found 0 B URL HTTP/2 unpkg.com/xlsx/dist/xlsx.full.min.js
IP 104.16.126.175:0
GET /xlsx/dist/xlsx.full.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /xlsx@0.18.5/dist/xlsx.full.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GKTY30V4CJKDPT9EBYHZSKWY-fra
cf-cache-status: HIT
age: 408
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 776c3735f876b505-OSL
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bayrakfont.css?629003681
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bayrakfont.css?629003681
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bayrakfont.css?629003681 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3361"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/moment-with-locales.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/moment-with-locales.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/moment-with-locales.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-9721a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/app.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/app.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/app.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-3c77"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/select2/select2.min.css?1745462737
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/select2/select2.min.css?1745462737
IP 51.195.6.66:0
GET /system/assets/select2/select2.min.css?1745462737 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-7c8b"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/daterangepicker.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/daterangepicker.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/daterangepicker.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-7b6a"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.number.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.number.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.number.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-185f"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/
51.195.6.66200 OK 0 B IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:55 GMT
content-type: text/html
x-accel-version: 0.01
last-modified: Wed, 29 Jun 2022 10:49:44 GMT
etag: W/"28-5e293e94074cd"
x-cache-status: MISS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/css/bootstrap-switch.min.css?1399589021
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/css/bootstrap-switch.min.css?1399589021
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/css/bootstrap-switch.min.css?1399589021 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-1939"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/amcharts/export.css?746695495
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/amcharts/export.css?746695495
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/amcharts/export.css?746695495 HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: text/css
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-8397"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
igmg.site/system/assets/js/jquery.flot.resize.min.js
51.195.6.66200 OK 0 B URL HTTP/2 igmg.site/system/assets/js/jquery.flot.resize.min.js
IP 51.195.6.66:0
Analyzer Verdict Alert fortinet Malware
GET /system/assets/js/jquery.flot.resize.min.js HTTP/1.1
Host: igmg.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://igmg.site/system/
Cookie: PHPSESSID=ci9i513ncqa221n24atn58t52a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 08:01:56 GMT
content-type: application/javascript
last-modified: Wed, 18 May 2022 15:54:17 GMT
etag: W/"628516a9-928"
x-cache-status: BYPASS
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2