hxxp://betterbiz[.]live

Analysis

max time kernel
52s
max time network
62s
platform
windows10-2004_x64
resource
win10v2004-20221111-en
resource tags

arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
submitted
14/02/2023, 18:05 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://betterbiz.live

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Suspicious behavior: EnumeratesProcesses 12 IoCs

pid	Process
2900	chrome.exe
2900	chrome.exe
5008	chrome.exe
5008	chrome.exe
3500	chrome.exe
3500	chrome.exe
404	chrome.exe
404	chrome.exe
116	chrome.exe
116	chrome.exe
3932	chrome.exe
3932	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 6 IoCs

pid	Process
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe

Suspicious use of FindShellTrayWindow 26 IoCs

pid	Process
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe
5008	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 5008 wrote to memory of 948	5008	chrome.exe	82
PID 5008 wrote to memory of 948	5008	chrome.exe	82
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2612	5008	chrome.exe	85
PID 5008 wrote to memory of 2900	5008	chrome.exe	86
PID 5008 wrote to memory of 2900	5008	chrome.exe	86
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88
PID 5008 wrote to memory of 1368	5008	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" http://betterbiz.live
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=89.0.4389.114 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff871a84f50,0x7ff871a84f60,0x7ff871a84f70
  2⤵
  PID:948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1680 /prefetch:2
  2⤵
  PID:2612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=network --mojo-platform-channel-handle=2016 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:2900
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2312 /prefetch:8
  2⤵
  PID:1368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2968 /prefetch:1
  2⤵
  PID:3564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2948 /prefetch:1
  2⤵
  PID:700
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=4288 /prefetch:8
  2⤵
  PID:4224
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4564 /prefetch:1
  2⤵
  PID:3968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5124 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=5132 /prefetch:8
  2⤵
  PID:3704
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --disable-gpu-compositing --lang=en-US --extension-process --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5064 /prefetch:1
  2⤵
  PID:4696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5264 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4952 /prefetch:1
  2⤵
  PID:3696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2828 /prefetch:1
  2⤵
  PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:116
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1632,13753243252754100493,18173309058943150910,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 /prefetch:8
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3932

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:3144

Network

DNS

betterbiz.live

chrome.exe

Remote address:

8.8.8.8:53

Request

betterbiz.live

IN A

Response

betterbiz.live

IN A

34.208.155.173
DNS

clients2.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.168.238
DNS

accounts.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

accounts.google.com

IN A

Response

accounts.google.com

IN A

142.251.36.45
GET

https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D95%2526e%253D1

chrome.exe

Remote address:

172.217.168.238:443

Request

GET /service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D95%2526e%253D1 HTTP/2.0
host: clients2.google.com
x-goog-update-interactivity: fg
x-goog-update-appid: pkedcjkdefgpdelpbcmbmeomcjbeemfm
x-goog-update-updater: chromecrx-89.0.4389.114
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://clients2.google.com/service/update2/crx?response=redirect&x=uc%26installsource%3Dsignature%26id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.53.0

chrome.exe

Remote address:

172.217.168.238:443

Request

GET /service/update2/crx?response=redirect&x=uc%26installsource%3Dsignature%26id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.53.0 HTTP/2.0
host: clients2.google.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

chrome.exe

Remote address:

142.251.36.45:443

Request

POST /ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard HTTP/2.0
host: accounts.google.com
content-length: 1
origin: https://www.google.com
content-type: application/x-www-form-urlencoded
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://betterbiz.live/

chrome.exe

Remote address:

34.208.155.173:80

Request

GET / HTTP/1.1
Host: betterbiz.live
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 301 Moved Permanently

Server: nginx
Date: Tue, 14 Feb 2023 18:06:15 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://betterbiz.live/
GET

https://betterbiz.live/

chrome.exe

Remote address:

34.208.155.173:443

Request

GET / HTTP/2.0
host: betterbiz.live
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: text/html
content-length: 307
x-accel-version: 0.01
last-modified: Fri, 27 Jan 2023 14:43:53 GMT
etag: "1d0-5f33fe4f18621-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

88.221.25.169

a1952.dscq.akamai.net

IN A

88.221.25.153
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

88.221.25.169:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' *.identrust.com
Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
ETag: "37d-5f433188daa00"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Tue, 14 Feb 2023 19:06:16 GMT
Date: Tue, 14 Feb 2023 18:06:16 GMT
Connection: keep-alive
DNS

assets.plesk.com

chrome.exe

Remote address:

8.8.8.8:53

Request

assets.plesk.com

IN A

Response

assets.plesk.com

IN CNAME

1226552209.rsc.cdn77.org

1226552209.rsc.cdn77.org

IN A

185.76.10.12

1226552209.rsc.cdn77.org

IN A

185.76.10.2
GET

https://assets.plesk.com/static/default-website-content/public/default-website-index.js

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/default-website-index.js HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-61d9"
expires: Mon, 02 Jan 2023 12:10:47 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 79D0:4085:1AD6C5E:1C40053:63B2C76F
via: 1.1 varnish
age: 591
x-served-by: cache-ams21041-AMS
x-cache-hits: 1
x-timer: S1672661438.372282,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 72d3126962035159ff05aa66e4e84ca8b806a38f
x-accel-expires: @1676398462
server: CDN77-Turbo
x-77-nzt: AblMCgpP5On/cgAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb635f6ced2a
x-cache: HIT
x-age: 114
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/bundle.js

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/bundle.js HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-47d12"
expires: Mon, 02 Jan 2023 12:11:19 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: F760:C23C:1BABFBF:1D16489:63B2C78F
via: 1.1 varnish
age: 114
x-served-by: cache-ams21077-AMS
x-cache-hits: 1
x-timer: S1672660993.400288,VS0,VE16
vary: Accept-Encoding
x-fastly-request-id: 455e5ee36e50778e7db47ac59da9ec5eca5f2925
x-accel-expires: @1676398055
server: CDN77-Turbo
x-77-nzt: AblMCgqPVVT/CQIAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb63a94efd31
x-cache: HIT
x-age: 521
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/logo-ebb972.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/logo-ebb972.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-86f"
expires: Mon, 02 Jan 2023 12:12:00 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 4BD4:8918:5511AB:59360E:63B2C7C4
via: 1.1 varnish
age: 102
x-served-by: cache-ams21069-AMS
x-cache-hits: 1
x-timer: S1672661034.307584,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 71f309dbf40fc2fea2c992014af1b49368d4017e
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgo0vA3/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb639fca7c32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/question-mark-circle-2b854e.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/question-mark-circle-2b854e.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-1ce"
expires: Mon, 02 Jan 2023 12:12:27 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 3C00:0E6D:8B10B8:92BF13:63B2C817
via: 1.1 varnish
age: 19
x-served-by: cache-ams21033-AMS
x-cache-hits: 1
x-timer: S1672661034.308304,VS0,VE4
vary: Accept-Encoding
x-fastly-request-id: aad79dc9c69e343f648e3e93f219495f6303a8da
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgpY6y7/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb63711d8432
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/try-online-demo-e76f32.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/try-online-demo-e76f32.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-6e9"
expires: Mon, 02 Jan 2023 12:13:35 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C3C4:A7DC:1B289C0:1C9272B:63B2C817
via: 1.1 varnish
age: 19
x-served-by: cache-ams21068-AMS
x-cache-hits: 1
x-timer: S1672661034.308900,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 331f05304de2397419696eda104d05ea1e51a7a8
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgoKcab/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb63fbad8832
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/plesk-guides-466bdb.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/plesk-guides-466bdb.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-8e6"
expires: Mon, 02 Jan 2023 12:12:12 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: B11C:D7EF:12EFCF8:13DEB33:63B2C7C4
via: 1.1 varnish
age: 102
x-served-by: cache-ams21068-AMS
x-cache-hits: 1
x-timer: S1672661034.326598,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 74df61237ed579bd18f2203dccb2039014ef9fdc
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgqF7H3/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb6345e08d32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/knowlede-base-e4cf57.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/knowlede-base-e4cf57.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-332"
expires: Mon, 02 Jan 2023 12:13:46 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 2042:4085:1ADB1B4:1C4482D:63B2C822
via: 1.1 varnish
age: 7
x-served-by: cache-ams21066-AMS
x-cache-hits: 1
x-timer: S1672661034.330481,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 59b0f29a87b461aad07c52febc79687fc9866866
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgrUNOT/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb63b11b9232
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/forum-a9076c.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/forum-a9076c.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-1569"
expires: Mon, 02 Jan 2023 12:13:35 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5310:0B52:9FD0EE:A86170:63B2C817
via: 1.1 varnish
age: 19
x-served-by: cache-ams21022-AMS
x-cache-hits: 1
x-timer: S1672661034.333538,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 213bd0d3b61881989dc0573d7e5539362d77acba
x-accel-expires: @1676398047
server: CDN77-Turbo
x-77-nzt: AblMCgrCJJr/EQIAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb6383ab9532
x-cache: HIT
x-age: 529
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/developers-blog-1dd547.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/developers-blog-1dd547.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-51f"
expires: Mon, 02 Jan 2023 12:11:51 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: EEB0:A7DC:1B267CB:1C90415:63B2C7C4
via: 1.1 varnish
age: 102
x-served-by: cache-ams21033-AMS
x-cache-hits: 1
x-timer: S1672661034.332704,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 4b798b4c803ee15cfba6f68297a66103853baec3
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgq5zSr/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb639d7b9a32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/video-guides-0ca174.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/video-guides-0ca174.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-509"
expires: Mon, 02 Jan 2023 12:12:12 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 861C:D7EF:12EFD07:13DEB41:63B2C7C4
via: 1.1 varnish
age: 102
x-served-by: cache-ams21060-AMS
x-cache-hits: 1
x-timer: S1672661034.330923,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 86635d44fbfbf906fa3e4dd31a16690fcb21cc22
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgq3s3D/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb6340259c32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/facebook-2e0b41.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/facebook-2e0b41.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-318"
expires: Mon, 02 Jan 2023 12:11:51 GMT
cache-control: max-age=600
x-proxy-cache: HIT
x-github-request-id: 7EBE:33F1:157B0D5:1697972:63B2C7C9
via: 1.1 varnish
age: 97
x-served-by: cache-ams21047-AMS
x-cache-hits: 1
x-timer: S1672661034.335174,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 898b60d02eb269d4341e46b18c051b635133fd66
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgohZYf/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb63dbbf9d32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/header-bg-6827b7.svg

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/header-bg-6827b7.svg HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/svg+xml
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: W/"63b2c75a-132"
expires: Mon, 02 Jan 2023 12:12:17 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 5A12:8CE3:1BA5CAC:1D103E3:63B2C7C9
via: 1.1 varnish
age: 97
x-served-by: cache-ams21033-AMS
x-cache-hits: 2
x-timer: S1672661034.327372,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 074b6a5bc9acef5bcf5ee77b0bdf58999c29ce53
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgoy7rv/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb6329359f32
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
content-encoding: gzip
GET

https://assets.plesk.com/static/default-website-content/public/img/header-domain-page-98961e.png

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/header-domain-page-98961e.png HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/png
content-length: 191877
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: "63b2c75a-2ed85"
expires: Mon, 02 Jan 2023 12:12:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8BA2:0B52:9FC0A5:A850A3:63B2C7F1
via: 1.1 varnish
age: 348
x-served-by: cache-ams21021-AMS
x-cache-hits: 1
x-timer: S1672661326.570781,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: bf9e987d942ae8e68619a61efecaf60f4c086ec1
x-accel-expires: @1676398499
server: CDN77-Turbo
x-77-nzt: AblMCgp82DD/TQAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb632fd3a032
x-cache: HIT
x-age: 77
x-77-pop: amsterdamNL
x-77-cache: HIT
accept-ranges: bytes
GET

https://assets.plesk.com/static/default-website-content/public/img/guy-cc224f.png

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/img/guy-cc224f.png HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: image/png
content-length: 9999
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: "63b2c75a-270f"
expires: Mon, 02 Jan 2023 12:13:35 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: DA18:29FA:969D7F:9EED78:63B2C817
via: 1.1 varnish
age: 19
x-served-by: cache-ams21071-AMS
x-cache-hits: 1
x-timer: S1672661034.334353,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: be4c913fd5b5203824295274d212b85eba702d5f
x-accel-expires: @1676398336
server: CDN77-Turbo
x-77-nzt: AblMCgpXbiz/8AAAAA
x-77-nzt-ray: 2109d1103d6e8d8b98cdeb6344b0a232
x-cache: HIT
x-age: 240
x-77-pop: amsterdamNL
x-77-cache: HIT
accept-ranges: bytes
GET

https://assets.plesk.com/static/default-website-content/public/favicon-2d0e10.ico

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/favicon-2d0e10.ico HTTP/2.0
host: assets.plesk.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 113459
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: "63b2c75a-1bb33"
expires: Mon, 02 Jan 2023 12:11:34 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 761A:0B52:9F9FF0:A82EB0:63B2C79E
via: 1.1 varnish
age: 479
x-served-by: cache-ams21037-AMS
x-cache-hits: 1
x-timer: S1672661374.303466,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: 180a8d4ffc62b05c170c8d9ab495143a40cc6b85
x-accel-expires: @1676398223
server: CDN77-Turbo
x-77-nzt: AblMCgq9Wpb/ZQEAAA
x-77-nzt-ray: 2109d1103d6e8d8b9ccdeb635f22fb12
x-cache: HIT
x-age: 357
x-77-pop: amsterdamNL
x-77-cache: HIT
accept-ranges: bytes
GET

https://assets.plesk.com/static/default-website-content/public/fonts/lato-v16-latin-regular-65e877.woff2

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/fonts/lato-v16-latin-regular-65e877.woff2 HTTP/2.0
host: assets.plesk.com
origin: https://betterbiz.live
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:16 GMT
content-type: font/woff2
content-length: 23484
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: "63b2c75a-5bbc"
expires: Mon, 02 Jan 2023 12:10:46 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 733C:F56C:1B4BB0E:1CB575E:63B2C76E
via: 1.1 varnish
age: 110
x-served-by: cache-ams21069-AMS
x-cache-hits: 1
x-timer: S1672660957.598283,VS0,VE4
vary: Accept-Encoding
x-fastly-request-id: 0a9059fab921216b4a4b4f35b93f5c9e1b858a5e
x-accel-expires: @1676398327
server: CDN77-Turbo
x-77-nzt: AblMCgpPdrr/+QAAAA
x-77-nzt-ray: 2109d110ac64908d98cdeb6331ddad33
x-cache: HIT
x-age: 249
x-77-pop: amsterdamNL
x-77-cache: HIT
accept-ranges: bytes
GET

https://assets.plesk.com/static/default-website-content/public/fonts/lato-v16-latin-700-f1405b.woff2

chrome.exe

Remote address:

185.76.10.12:443

Request

GET /static/default-website-content/public/fonts/lato-v16-latin-700-f1405b.woff2 HTTP/2.0
host: assets.plesk.com
origin: https://betterbiz.live
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: font
referer: https://betterbiz.live/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Tue, 14 Feb 2023 18:06:17 GMT
content-type: font/woff2
content-length: 22992
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 02 Jan 2023 12:00:26 GMT
access-control-allow-origin: *
etag: "63b2c75a-59d0"
expires: Mon, 02 Jan 2023 12:10:46 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: C542:0EF5:95D43E:9DF4B2:63B2C76E
via: 1.1 varnish
age: 146
x-served-by: cache-ams21077-AMS
x-cache-hits: 1
x-timer: S1672660993.421689,VS0,VE9
vary: Accept-Encoding
x-fastly-request-id: 7e14268c541aa803a0328dec86fe10f75c795505
x-accel-expires: @1676398499
server: CDN77-Turbo
x-77-nzt: AblMCgpJn/n/TgAAAA
x-77-nzt-ray: 2109d110ac64908d99cdeb636bfad70a
x-cache: HIT
x-age: 78
x-77-pop: amsterdamNL
x-77-cache: HIT
accept-ranges: bytes
DNS

dns.google

chrome.exe

Remote address:

8.8.8.8:53

Request

dns.google

IN A

Response

dns.google

IN A

8.8.8.8

dns.google

IN A

8.8.4.4
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGZpcmVob3NlCXVzLXdlc3QtMglhbWF6b25hd3MDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCGZpcmVob3NlCXVzLXdlc3QtMglhbWF6b25hd3MDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnVwZGF0ZQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnVwZGF0ZQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGNsaWVudHMyEWdvb2dsZXVzZXJjb250ZW50A2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCGNsaWVudHMyEWdvb2dsZXVzZXJjb250ZW50A2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWJldHRlcmJpegRsaXZlAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABCWJldHRlcmJpegRsaXZlAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlbnRyeQJpbwAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABBnNlbnRyeQJpbwAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABEGNvbnRlbnQtYXV0b2ZpbGwKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABEGNvbnRlbnQtYXV0b2ZpbGwKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
GET

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

chrome.exe

Remote address:

8.8.8.8:443

Request

GET /dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA HTTP/2.0
host: dns.google
accept: application/dns-message
accept-language: *
user-agent: Chrome
accept-encoding: identity
POST

https://update.googleapis.com/service/update2/json?cup2key=10:669957553&cup2hreq=8c332e4ec5334800e900e9b80c823d55a6b6d71534955b318db22ea310dcc6b8

chrome.exe

Remote address:

142.250.179.163:443

Request

POST /service/update2/json?cup2key=10:669957553&cup2hreq=8c332e4ec5334800e900e9b80c823d55a6b6d71534955b318db22ea310dcc6b8 HTTP/2.0
host: update.googleapis.com
content-length: 2094
x-goog-update-appid: aapocclcgogkmnckokdopfmhonfmgoek,aohghmighlieiainnegkcijnfilokake,apdfllckaahabafndbhieahigkjlhalf,blpcfgokakmgnkcojhhkbfbldkacnbeo,felcaaldnbdncclmgdcncolpebgiejap,ghbmnnjooekpmoecnnnilnnbdlolhkhi,nmmhkkegccagdldgiimedpiccmgmieda,pjkljhegncpnkpknbcohdijeoejaedia
x-goog-update-interactivity: bg
x-goog-update-updater: chromecrx-89.0.4389.114
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://update.googleapis.com/service/update2/json

chrome.exe

Remote address:

142.250.179.163:443

Request

POST /service/update2/json HTTP/2.0
host: update.googleapis.com
content-length: 1075
content-type: application/json
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://clients2.googleusercontent.com/crx/blobs/Acy1k0bkSj9E3KZozaRsdL0aFpYBxVTL9okXuAKO78ilGOHxBrZChDs7p2nuUcZNS4kkVikJSLxUEuyYcv0SVp8m1sCm3SZXxhK_PgqFtcryOGXG6XrgAMZSmuW44v75e3kf3ezusTVCmmf08VoZog/extension_1_53_0_0.crx

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /crx/blobs/Acy1k0bkSj9E3KZozaRsdL0aFpYBxVTL9okXuAKO78ilGOHxBrZChDs7p2nuUcZNS4kkVikJSLxUEuyYcv0SVp8m1sCm3SZXxhK_PgqFtcryOGXG6XrgAMZSmuW44v75e3kf3ezusTVCmmf08VoZog/extension_1_53_0_0.crx HTTP/2.0
host: clients2.googleusercontent.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://clients2.googleusercontent.com/crx/blobs/Acy1k0YAadzpzT1rZO7tJCxMrfL67UI87hPju3UJ1jrDmyNvkq_04H0lX28y9uQlXM1Tu1uGF1pW_xPW3tHFED0d7euqoW7RO5Y1GFSTIQ54v-KNAYeyAMZSmuVEAp0hGjl09nb4tW1OjMsj2BWzdQ/extension_1_53_0_0.crx

chrome.exe

Remote address:

142.251.36.1:443

Request

GET /crx/blobs/Acy1k0YAadzpzT1rZO7tJCxMrfL67UI87hPju3UJ1jrDmyNvkq_04H0lX28y9uQlXM1Tu1uGF1pW_xPW3tHFED0d7euqoW7RO5Y1GFSTIQ54v-KNAYeyAMZSmuVEAp0hGjl09nb4tW1OjMsj2BWzdQ/extension_1_53_0_0.crx HTTP/2.0
host: clients2.googleusercontent.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

chrome.exe

Remote address:

216.58.208.99:443

Request

GET /safebrowsing/csd/client_model_v5_variation_6.pb HTTP/2.0
host: ssl.gstatic.com
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://www.gstatic.com/generate_204

chrome.exe

Remote address:

142.250.179.195:80

Request

GET /generate_204 HTTP/1.1
Host: www.gstatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 204 No Content

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Date: Tue, 14 Feb 2023 18:06:26 GMT
GET

https://betterbiz.live:8443/

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET / HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://betterbiz.live/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Tue, 14 Feb 2023 18:06:49 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: https://betterbiz.live:8443/login.php
GET

https://betterbiz.live:8443/login.php

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /login.php HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://betterbiz.live/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 303 See Other

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Tue, 14 Feb 2023 18:06:49 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Location: https://betterbiz.live:8443/login_up.php
GET

https://betterbiz.live:8443/login_up.php

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /login_up.php HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
Cache-Control: max-age=0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Referer: https://betterbiz.live/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 28 May 1999 00:00:00 GMT
Last-Modified: Tue, 14 Feb 2023 18:06:49 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
GET

https://betterbiz.live:8443/ui-library/plesk-ui-library.css?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /ui-library/plesk-ui-library.css?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:50 GMT
Content-Type: text/css
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-2ceab"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/theme/css/main.css?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/theme/css/main.css?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:50 GMT
Content-Type: text/css
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-4ecbf"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/modules/lite-banners/global.css?1674714765

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/lite-banners/global.css?1674714765 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:50 GMT
Content-Type: text/css
Last-Modified: Thu, 26 Jan 2023 06:32:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d21e8d-18a"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/javascript/externals/require.js?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/javascript/externals/require.js?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-4562"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/javascript/externals/prototype.js?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/javascript/externals/prototype.js?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-17b8d"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/modules/letsencrypt/global.js?1675924116

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/letsencrypt/global.js?1675924116 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Thu, 09 Feb 2023 06:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63e49294-2d6"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/images/favicon.svg?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /images/favicon.svg?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:53 GMT
Content-Type: image/svg+xml
Content-Length: 634
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63bd9023-27a"
Accept-Ranges: bytes
GET

https://betterbiz.live:8443/modules/letsencrypt/global.css?1675924116

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/letsencrypt/global.css?1675924116 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:50 GMT
Content-Type: text/css
Last-Modified: Thu, 09 Feb 2023 06:28:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63e49294-2a4"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/javascript/vendors.js?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/javascript/vendors.js?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-151256"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: same-origin
Sec-Fetch-Dest: image
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:53 GMT
Content-Type: image/svg+xml
Content-Length: 260783
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63bd9023-3faaf"
Accept-Ranges: bytes
GET

https://betterbiz.live:8443/modules/route53/global.css?1675233159

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/route53/global.css?1675233159 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: text/css,*/*;q=0.1
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: style
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:50 GMT
Content-Type: text/css
Last-Modified: Wed, 01 Feb 2023 06:32:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63da0787-3a"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/javascript/main.js?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/javascript/main.js?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-9812e"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
Origin: https://betterbiz.live:8443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://betterbiz.live:8443/ui-library/plesk-ui-library.css?1673367587
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:53 GMT
Content-Type: font/woff2
Content-Length: 61548
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63bd9023-f06c"
Accept-Ranges: bytes
GET

https://betterbiz.live:8443/modules/notifier/global.js?1676096930

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/notifier/global.js?1676096930 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Sat, 11 Feb 2023 06:28:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63e735a2-3aa5"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/ui-library/plesk-ui-library.min.js?1673367587

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /ui-library/plesk-ui-library.min.js?1673367587 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bd9023-76860"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/cp/theme/images/logos/plesk/logo.svg

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /cp/theme/images/logos/plesk/logo.svg HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:53 GMT
Content-Type: image/svg+xml
Content-Length: 2728
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63bd9023-aa8"
Accept-Ranges: bytes
GET

https://betterbiz.live:8443/modules/lite-banners/global.js?1674714765

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /modules/lite-banners/global.js?1674714765 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://betterbiz.live:8443/login_up.php
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:51 GMT
Content-Type: application/javascript
Last-Modified: Thu, 26 Jan 2023 06:32:45 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d21e8d-9ed"
Content-Encoding: gzip
GET

https://betterbiz.live:8443/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5

chrome.exe

Remote address:

34.208.155.173:8443

Request

GET /ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 HTTP/1.1
Host: betterbiz.live:8443
Connection: keep-alive
Origin: https://betterbiz.live:8443
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: font
Referer: https://betterbiz.live:8443/ui-library/plesk-ui-library.css?1673367587
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Server: sw-cp-server
Date: Tue, 14 Feb 2023 18:06:53 GMT
Content-Type: font/woff2
Content-Length: 59600
Last-Modified: Tue, 10 Jan 2023 16:19:47 GMT
Connection: keep-alive
ETag: "63bd9023-e8d0"
Accept-Ranges: bytes

93.184.220.29:80

322 B
7
172.217.168.238:443

https://clients2.google.com/service/update2/crx?response=redirect&x=uc%26installsource%3Dsignature%26id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.53.0

tls, http2

chrome.exe

2.3kB
10.3kB
19
23

HTTP Request

GET https://clients2.google.com/service/update2/crx?os=win&arch=x64&os_arch=x86_64&nacl_arch=x86-64&prod=chromecrx&prodchannel=&prodversion=89.0.4389.114&lang=en-US&acceptformat=crx3&x=id%3Dpkedcjkdefgpdelpbcmbmeomcjbeemfm%26v%3D0.0.0.0%26installedby%3Dother%26uc%26ping%3Dr%253D95%2526e%253D1

HTTP Request

GET https://clients2.google.com/service/update2/crx?response=redirect&x=uc%26installsource%3Dsignature%26id%3Dghbmnnjooekpmoecnnnilnnbdlolhkhi%26v%3D1.53.0
142.251.36.45:443

https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard

tls, http2

chrome.exe

1.7kB
7.5kB
14
16

HTTP Request

POST https://accounts.google.com/ListAccounts?gpsia=1&source=ChromiumBrowser&json=standard
34.208.155.173:80

http://betterbiz.live/

http

chrome.exe

663 B
537 B
5
4

HTTP Request

GET http://betterbiz.live/

HTTP Response

301
34.208.155.173:80

betterbiz.live

chrome.exe

144 B
104 B
3
2
34.208.155.173:443

https://betterbiz.live/

tls, http2

chrome.exe

1.7kB
6.5kB
13
16

HTTP Request

GET https://betterbiz.live/

HTTP Response

200
88.221.25.169:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

324 B
1.6kB
4
4

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
185.76.10.12:443

https://assets.plesk.com/static/default-website-content/public/favicon-2d0e10.ico

tls, http2

chrome.exe

12.2kB
441.2kB
206
327

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/default-website-index.js

HTTP Response

200

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/bundle.js

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/logo-ebb972.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/question-mark-circle-2b854e.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/try-online-demo-e76f32.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/plesk-guides-466bdb.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/knowlede-base-e4cf57.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/forum-a9076c.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/developers-blog-1dd547.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/video-guides-0ca174.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/facebook-2e0b41.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/header-bg-6827b7.svg

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/header-domain-page-98961e.png

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/img/guy-cc224f.png

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/favicon-2d0e10.ico

HTTP Response

200
185.76.10.12:443

https://assets.plesk.com/static/default-website-content/public/fonts/lato-v16-latin-700-f1405b.woff2

tls, http2

chrome.exe

2.7kB
55.3kB
34
49

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/fonts/lato-v16-latin-regular-65e877.woff2

HTTP Response

200

HTTP Request

GET https://assets.plesk.com/static/default-website-content/public/fonts/lato-v16-latin-700-f1405b.woff2

HTTP Response

200
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABEGNvbnRlbnQtYXV0b2ZpbGwKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

4.3kB
13.3kB
40
57

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGZpcmVob3NlCXVzLXdlc3QtMglhbWF6b25hd3MDY29tAAABAAEAACkQAAAAAAAAQwAMAD8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnVwZGF0ZQpnb29nbGVhcGlzA2NvbQAAAQABAAApEAAAAAAAAE4ADABKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCGNsaWVudHMyEWdvb2dsZXVzZXJjb250ZW50A2NvbQAAAQABAAApEAAAAAAAAEUADABBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3NzbAdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABCWJldHRlcmJpegRsaXZlAAABAAEAACkQAAAAAAAAVQAMAFEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABBnNlbnRyeQJpbwAAAQABAAApEAAAAAAAAFoADABWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABEGNvbnRlbnQtYXV0b2ZpbGwKZ29vZ2xlYXBpcwNjb20AAAEAAQAAKRAAAAAAAABEAAwAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
8.8.8.8:443

https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

tls, http2

chrome.exe

1.6kB
7.0kB
14
16

HTTP Request

GET https://dns.google/dns-query?dns=AAABAAABAAAAAAABA3d3dwdnc3RhdGljA2NvbQAAAQABAAApEAAAAAAAAFQADABQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
35.89.72.109:443

firehose.us-west-2.amazonaws.com

tls

chrome.exe

3.0kB
7.6kB
15
19
142.250.179.163:443

https://update.googleapis.com/service/update2/json

tls, http2

chrome.exe

7.7kB
8.9kB
21
24

HTTP Request

POST https://update.googleapis.com/service/update2/json?cup2key=10:669957553&cup2hreq=8c332e4ec5334800e900e9b80c823d55a6b6d71534955b318db22ea310dcc6b8

HTTP Request

POST https://update.googleapis.com/service/update2/json
142.251.36.1:443

https://clients2.googleusercontent.com/crx/blobs/Acy1k0YAadzpzT1rZO7tJCxMrfL67UI87hPju3UJ1jrDmyNvkq_04H0lX28y9uQlXM1Tu1uGF1pW_xPW3tHFED0d7euqoW7RO5Y1GFSTIQ54v-KNAYeyAMZSmuVEAp0hGjl09nb4tW1OjMsj2BWzdQ/extension_1_53_0_0.crx

tls, http2

chrome.exe

3.9kB
123.1kB
56
97

HTTP Request

GET https://clients2.googleusercontent.com/crx/blobs/Acy1k0bkSj9E3KZozaRsdL0aFpYBxVTL9okXuAKO78ilGOHxBrZChDs7p2nuUcZNS4kkVikJSLxUEuyYcv0SVp8m1sCm3SZXxhK_PgqFtcryOGXG6XrgAMZSmuW44v75e3kf3ezusTVCmmf08VoZog/extension_1_53_0_0.crx

HTTP Request

GET https://clients2.googleusercontent.com/crx/blobs/Acy1k0YAadzpzT1rZO7tJCxMrfL67UI87hPju3UJ1jrDmyNvkq_04H0lX28y9uQlXM1Tu1uGF1pW_xPW3tHFED0d7euqoW7RO5Y1GFSTIQ54v-KNAYeyAMZSmuVEAp0hGjl09nb4tW1OjMsj2BWzdQ/extension_1_53_0_0.crx
216.58.208.99:443

https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb

tls, http2

chrome.exe

2.9kB
91.9kB
43
73

HTTP Request

GET https://ssl.gstatic.com/safebrowsing/csd/client_model_v5_variation_6.pb
35.89.72.109:443

firehose.us-west-2.amazonaws.com

tls

chrome.exe

2.3kB
6.9kB
12
16
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.0kB
8
9
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.0kB
8
9
142.250.179.195:80

http://www.gstatic.com/generate_204

http

chrome.exe

498 B
259 B
4
3

HTTP Request

GET http://www.gstatic.com/generate_204

HTTP Response

204
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

https://betterbiz.live:8443/images/favicon.svg?1673367587

tls, http

chrome.exe

9.6kB
181.2kB
82
146

HTTP Request

GET https://betterbiz.live:8443/

HTTP Response

303

HTTP Request

GET https://betterbiz.live:8443/login.php

HTTP Response

303

HTTP Request

GET https://betterbiz.live:8443/login_up.php

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/ui-library/plesk-ui-library.css?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/theme/css/main.css?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/modules/lite-banners/global.css?1674714765

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/javascript/externals/require.js?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/javascript/externals/prototype.js?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/modules/letsencrypt/global.js?1675924116

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/images/favicon.svg?1673367587

HTTP Response

200
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

910 B
512 B
6
6
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

910 B
512 B
6
6
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

909 B
5.1kB
8
10
34.208.155.173:8443

https://betterbiz.live:8443/ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4

tls, http

chrome.exe

16.2kB
734.6kB
300
535

HTTP Request

GET https://betterbiz.live:8443/modules/letsencrypt/global.css?1675924116

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/javascript/vendors.js?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/ui-library/images/symbols.svg?282a024a3dd7555a41ef6815c5fb72e4

HTTP Response

200
34.208.155.173:8443

https://betterbiz.live:8443/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd

tls, http

chrome.exe

6.2kB
227.6kB
90
173

HTTP Request

GET https://betterbiz.live:8443/modules/route53/global.css?1675233159

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/javascript/main.js?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd

HTTP Response

200
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

910 B
512 B
6
6
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

910 B
512 B
6
6
34.208.155.173:8443

https://betterbiz.live:8443/cp/theme/images/logos/plesk/logo.svg

tls, http

chrome.exe

5.6kB
187.9kB
77
145

HTTP Request

GET https://betterbiz.live:8443/modules/notifier/global.js?1676096930

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/ui-library/plesk-ui-library.min.js?1673367587

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/cp/theme/images/logos/plesk/logo.svg

HTTP Response

200
34.208.155.173:8443

betterbiz.live

tls

chrome.exe

914 B
759 B
5
5
34.208.155.173:8443

https://betterbiz.live:8443/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5

tls, http

chrome.exe

3.1kB
63.9kB
30
53

HTTP Request

GET https://betterbiz.live:8443/modules/lite-banners/global.js?1674714765

HTTP Response

200

HTTP Request

GET https://betterbiz.live:8443/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5

HTTP Response

200
35.188.42.15:443

sentry.io

tls

chrome.exe

2.1kB
4.9kB
7
7
35.89.72.109:443

firehose.us-west-2.amazonaws.com

tls

chrome.exe

3.2kB
7.6kB
14
18
93.184.221.240:80

230 B
5

224.0.0.251:5353

chrome.exe

1.2kB
20
8.8.8.8:53

betterbiz.live

dns

chrome.exe

60 B
76 B
1
1

DNS Request

betterbiz.live

DNS Response

34.208.155.173
8.8.8.8:53

clients2.google.com

dns

chrome.exe

65 B
105 B
1
1

DNS Request

clients2.google.com

DNS Response

172.217.168.238
8.8.8.8:53

accounts.google.com

dns

chrome.exe

65 B
81 B
1
1

DNS Request

accounts.google.com

DNS Response

142.251.36.45
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

88.221.25.169

88.221.25.153
8.8.8.8:53

assets.plesk.com

dns

chrome.exe

62 B
132 B
1
1

DNS Request

assets.plesk.com

DNS Response

185.76.10.12

185.76.10.2
8.8.8.8:53

dns.google

dns

chrome.exe

56 B
88 B
1
1

DNS Request

dns.google

DNS Response

8.8.8.8

8.8.4.4

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response