Report - ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download

Report Overview

Submitted URL
ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
IP
66.29.153.238
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-05 06:42:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
tpc.googlesyndication.com	126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	439 B	103 kB	142.250.74.33
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	58 kB	34.120.237.76
puneplasma.in	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	957 B	17 kB	162.0.215.53
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	849 B	7.2 kB	142.250.74.10
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	337 B	539 B	142.250.74.164
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.8 kB	104.18.32.68
bmsicl.in	297607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	11 kB	66.29.153.238
d-33354991353544758728.ampproject.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	382 B	1.1 kB	142.250.74.99
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	6.6 kB	47 kB	216.58.207.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.213.92.18
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	1.2 kB	192.0.77.48
pagead2.googlesyndication.com	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	883 B	716 B	142.250.74.130
securepubads.g.doubleclick.net	190	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	378 B	853 B	142.250.74.66
contextual.media.net	513	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	52 kB	23.38.200.22
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	853 B	1.7 kB	142.250.74.130
d-1960130804177126975.ampproject.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	1.1 kB	142.250.74.131
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.6 kB	9.8 kB	142.250.74.3
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	21 kB	142.250.74.174
irctcportal.in	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	53 kB	162.0.209.173
d-3533551061988271890.ampproject.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	1.1 kB	142.250.74.35
ntp.recruitmentdbranlu.in	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	24 kB	401 kB	66.29.153.238
cdn.ampproject.org	329	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.2 kB	275 kB	216.58.211.1
d-20372996401499540524.ampproject.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	1.1 kB	216.58.211.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	75 kB	142.250.74.163
d-10425559192361154705.ampproject.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	1.1 kB	142.250.74.67

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-05	medium	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.1	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.1	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=3.5.7	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1	Malware
2022-09-05	medium	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (73)

	URL	Size	First Seen	Last Seen
	cdn.ampproject.org/v0/amp-analytics-0.1.js	112 kB	2023-03-07	2023-03-17
Pretty URL cdn.ampproject.org/v0/amp-analytics-0.1.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:32:22 Last Seen2023-03-17 10:41:07 Times Seen1 Hash aab4dbcc7d2f9386f24b7f65eb242c21 47cb2333384e80b0a8a01e9b60b511d7e5a8572f 6574cc9aee2e78026c53eb9620a1d35cc911baed9e8f6742a9b59bb9bcfd5a4c Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0	16 kB	2023-03-07	2024-04-15
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:10 Last Seen2024-04-15 11:35:11 Times Seen217 Hash ca2c44948f1078e4664c34670e8880e9 b42f15a64e9385b0c531f905ef01cfe676af767d ce54fc66e0c96540ec003f661021f390e298d8ba478e47c8b1ebbe95702e4436 Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0	24 kB	2023-03-07	2024-03-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen422 Hash e41f2a4b95a648db78703b837706d18f ab706ee38566accffda0511b9144a0c7108d4deb 0157d11106d6b70289099fd1ce1f7bea3a9dfbb46cee3994edb07ce765bb92fc Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0	1.6 kB	2023-03-07	2024-03-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen367 Hash 9bb51bfce5c3adf7131480f2dce72224 95199bf629fbf044d37388172525281697ac5952 5b84335d42b38d3122349f53b20dd6a5cb0f45d1e45e5683fd572bcdda8c04a2 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17	25 B	2023-03-07	2024-04-04
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2024-04-04 00:37:48 Times Seen80 Hash 477a3439cb9e1c0c964ec9c4ea8dfb09 2ea01b77c5646e7de702517261278c5020dc21dc 5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1	19 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 15:09:14 Times Seen38045 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.mjs	191 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 936788ff7c8e334e2b9341126ad5543e e235b5f237c6ee9d81371ccfeed06a75e4ef0196 84aac7c26443a698be77ac2ca7fbd3feb0385086f24ed06821c3628e87bfacc7 Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 15:09:13 Times Seen15497 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	cdn.ampproject.org/v0/amp-ad-exit-0.1.js	20 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0/amp-ad-exit-0.1.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2023-03-07 13:10:50 Times Seen1 Hash 83ae92032e10070acd7482cb1d43ed90 9c34d8a556fa08ca9d4fc4ad5e5036a7f7f1d22a a9d2f9a6453de41ee29bcb7d64664f97ca4409e29a0ea18cdd2b6f37ba12278a Loading...

	cdn.ampproject.org/v0/amp-analytics-0.1.mjs	96 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0/amp-analytics-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2023-03-07 12:42:21 Times Seen1 Hash ed809db4b8d638680a09f946c4e01a33 c0e4489bfdf1edc9404e979108bf638177685439 e4fc69dbaf500f1b825539bee7ea3afbd94055cc2a69b9ab68876cfa532ed722 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	409 B	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash 3c2a7802df1d6b11c7c483b0df9a0c05 ec17668229d9134a70e3715c08372eb9a12d90f3 43554450805958098eb65c50070b972afc5bbd400236f26699e229dade167e98 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	128 B	2023-03-07	2023-03-11
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-11 22:52:04 Times Seen1 Hash cb436db50fde3b52c619621e74d4904e 7ff140c2570ec42e2df6154674641aa5a5908fc2 49fe5bf0b9f9880d3c518b35edb975c94d49391b1a593a90c0767c6d76c70960 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	425 B	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash 1600fd26eb379f0e0f80f386159628f3 c0e096bd0eb6a390a4246ae68caa461699289f1c aa7ceded169cb15793509efeaf527da8b8d6f3ebcdf9677149c1a227a984ec11 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	2.0 kB	2023-03-07	2023-03-11
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-11 22:52:04 Times Seen1 Hash 40c99b57936ef4b12ccd1814d899de9f 336fc02e9d6db4bf8f234f212d3a1f3951fee278 ff4fa80bba011c4254a3e1c27cee5da9649cc88f6d6b3e242380ecfd460f6766 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	68 B	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 16:10:02 Times Seen22477 Hash d30f13da1f424ee0383b76edc55881e1 7e348a5f57ab13eedbc4ed917cdeee5bb9f9bd46 cf01a621447e67a81629bc28276677c86c48fd72c44cba83a82448574aadfd60 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0	1.6 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:07 Last Seen2024-04-25 11:50:52 Times Seen947 Hash 3e6902b70ee52754121f017fd48175db 0a5d8a5716c7b249eb5e0b02d04aa74c5b9948cb 21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1	1.0 kB	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen10 Hash f65e9d540d66c10c50ad0da8d7b95550 4acfdfe6e96946f6eed5782157258261c6bbfd69 501f65a676e03db59f69bd08cf624a8376d0a328c88d80dbd2b29be675d89411 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	6.0 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:27 Last Seen2024-04-25 12:07:50 Times Seen712 Hash 36bb41434655cf561f77987b521868e4 859b75d2e2e6eb0ff665e4ce3c3aa4d0f26d45ba 7853623597c83d5420b041e662614eddbe69a1f978214d7f4f90fcf27f8248b4 Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0	325 B	2023-03-07	2024-04-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:13 Last Seen2024-04-24 00:42:09 Times Seen1859 Hash 06f019a6ff09db6b297570940eec1d5d 872efe186950ce534aad341e7030fe24f7c672dc 53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536 Loading...

	cdn.ampproject.org/rtv/012208172101000/v0/amp-auto-lightbox-0.1.mjs	7.1 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/rtv/012208172101000/v0/amp-auto-lightbox-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 6b7da463465337ed3752115400d21433 f4866aaa910eca4af1de599f5bd006de4934d5d9 da41cf399b6d8f61439352dec1898313b7a8ef2fe9818c1c07a77188f0294737 Loading...

	cdn.ampproject.org/v0/amp-form-0.1.js	51 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0/amp-form-0.1.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:05 Last Seen2023-03-07 13:10:50 Times Seen1 Hash dfe445ad2db37b417a2f896f55b38e16 62e0ff162e1328d64843d461792fd98fde373ff2 c0d2438402797f7ff4def44bdbbc9c072e1328ce875af6589c0d9b929b24d134 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.1	62 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.1 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-25 08:53:53 Times Seen1288 Hash 99e3544139e4735274587a831002ebae 24a900bdfcefd52cbcff3bc36440af9b87cd5067 4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	142 B	2023-03-07	2024-02-23
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2024-02-23 20:20:55 Times Seen47 Hash 279b5d8dc133d8c762ec0129b434e3d9 967f692ea34d63626b36c3836280666a2766717c f68207e04fafe6136b24b4bd555a44cc5722ef178d7a996149b6909aa9b610d8 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.17	21 B	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.17 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen7 Hash 89ded0fe34feffa1323bcfd72860a4d3 a8f101e51570d63bea61484a6f21df431b7f8b59 9b72d1fa27ea4041b8580589c673ce2ef0c0d57dd1e8d1ed65426692f72a42f8 Loading...

	cdn.ampproject.org/v0/amp-ad-0.1.mjs	75 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0/amp-ad-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 8ee404260373f870be02c6cadef1ff3d 0f15ca51d87b0d40088bf7cad0b9ac617e79284d ec90d3b46164725d6344ba8e449b2fea64dd92c98177901375e614a71ab62dad Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.2	14 kB	2023-03-07	2023-11-11
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.2 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:42:02 Last Seen2023-11-11 18:19:38 Times Seen43 Hash 55141e1d0c6579cfd90063d7f500a4eb 21d36237c7b26f61ff3f6a8a148f4bd2cdbc7e32 e66cb3e8f70321e9cc554a5ed274c0024794d4b42c231eecfe438043369aff77 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	97 B	2023-03-07	2024-02-26
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2024-02-26 04:29:39 Times Seen125 Hash 66fcb339458284d223e4e405c1891e6a 13943f2ab40521ff798b1b1bf62683fee8c5e3e0 ebec5e100138c49136c56fed1335a5b99b3cab130260cc4af51edf990b4a99b3 Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0	20 kB	2023-03-07	2024-03-18
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:31 Last Seen2024-03-18 19:42:54 Times Seen123 Hash 693f9fb34ec76e99a64716f10813ef04 03f473afefe36d1d2e05ea04764634ed6c408fc6 ea37b726a887afb5fc602e41e00d785142ad4db5f257009f4440d47850660445 Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0	1.8 kB	2023-03-07	2024-03-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen375 Hash 7db023435c6f3a6de71502760337a7c6 ba79e4445507d934e6be6905e67bd994a87f2332 8994924c0f3ab4474ee0a7c04417ad84933c4467cc9192fcb60b9774f15f5990 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	97 kB	2023-03-07	2023-03-07
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:42:21 Last Seen2023-03-07 12:42:21 Times Seen1 Hash e7f765798a8939add466a35937491be1 fb6faa937eaccbd4e9c31b45217d31d1018e7059 f6523e62a57d2ca516bae91ff61d290b94cee1233d747afaf6ca5bd054143bd5 Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 09:54:53 Times Seen31826 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	428 B	2023-03-07	2023-03-07
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 1caf8e5f27cfe8c2a1918c86ecc9a5c0 71a961e69c7d36c91125f0d2a315389e3550f352 c02a96e7dac7c423439bc1f47b7e84e31cbd937de58f7e79addc767fa10d3ed1 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	547 B	2023-03-07	2024-04-21
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:27 Last Seen2024-04-21 21:41:45 Times Seen800 Hash 72ecf089f7218ce818f9343b0d8605c8 eaca38a2b0bbb02baff43bf7bf744754895be919 7abb14c1a1354a9bdcef15e7aae35669ea821c9565138a7eeb29960f3b502831 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	130 B	2023-03-07	2024-04-02
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-04-02 01:58:54 Times Seen518 Hash b3ea79b734a4cd996cde38736d5f1347 a8d89ab9ebd6bd7e1287e35382449e1e759df078 0e284f72f2f8837a0155c664ddf8731d717f95d5baff0e547fef8a2d35413344 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.6.0	1.0 kB	2023-03-07	2024-04-11
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.6.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:09 Last Seen2024-04-11 14:36:30 Times Seen744 Hash 624ebb44eb0fd0fd92d0a0433823c630 44010ca531b82a13513375597adb4c08b77473fa a8a819d7548b9c102d7776cb645212ca1e324ac2de2170598699061e29bc6cbf Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0	19 kB	2023-03-07	2023-12-09
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:41:50 Last Seen2023-12-09 17:30:46 Times Seen54 Hash 871efab9edbf8b31f9645cd2d545a4b2 f1c0bc7006ee4cf46bafbe333dc4fca82c8944b3 ac102e5ac32bf9d04852bd46b1ed524a61e99ea7216b222f990a61ad937a7d25 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	93 B	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:09 Last Seen2024-04-25 11:50:52 Times Seen387 Hash 38798e7e8bc5c07bbdfd5370b2507f22 2932a6b78f0434d9e211897685ca0c4b2decf61b a5acef2881fc7bd08395b14bdcebc4c71d78b7e3794ca77addc180d8f4ffa7fc Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.1	21 kB	2023-03-07	2024-04-23
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.1 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-23 17:19:03 Times Seen1058 Hash c6946dff4854d4611da8aef36666b938 9118198bd2a853baa4644c6e819427150ca35160 7028ef6262d35db7dc22b05df3cbb3e93595ce90cd340fdc356620d961b01224 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	91 B	2023-03-07	2024-04-23
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:06 Last Seen2024-04-23 17:19:01 Times Seen476 Hash f231cf3015cd0931ba33e825343b48bb d6cfcbf58092bcbaec13e419e264d9e2894bbd86 98de1de200c64542b0278f062765eb2e6536fafbee1cb221b3f20e7ca73bc709 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	111 B	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:09 Last Seen2024-04-25 11:50:52 Times Seen335 Hash c6f494191e9e5c281dbab8f8d0b3a418 0ece403656f730a041965d860ba4ad7067859a66 b1c27134592d1d1c85667216827d274186cf9861e0bc4be87439ece542c112d6 Loading...

	cdn.ampproject.org/amp4ads-v0.js	268 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/amp4ads-v0.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2023-03-07 13:10:50 Times Seen1 Hash 1c32e436d284bc904244b8d76306a5eb ca4aec960c9f5313f93786d5c774e72baa485158 8719011d38465e3ac86eec8fe0f16c68846ac74eea1740295d28cbb23ac9933c Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 15:09:13 Times Seen68624 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	128 B	2023-03-07	2023-03-11
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2023-03-11 22:52:03 Times Seen1 Hash 472e6434f3178bc1c7c685437e70efc1 5a1f3408c2ff5a313ffef90c1899c8956719f736 113f0a46ba2deb634fb7dcbbe1b05e7f0febce9929edfe6ada1bdc1f5839c1ff Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0	3.4 kB	2023-03-07	2024-03-18
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2024-03-18 19:42:54 Times Seen131 Hash 4578bbe2adf531cee4bec6a19c4b81c1 8d26f0b81f8a7a62e3e1ab143a96ad9668801450 830afbea215ec452ea905a7e4705cf3ea2bad82c2278f755791d85be2d5e2eb1 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.2	3.1 kB	2023-03-07	2024-04-23
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.2 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:05 Last Seen2024-04-23 16:10:17 Times Seen1356 Hash eb4b89beeb46187d0fe50838c2cfdc4d 784d1bf5af84c22ef434ce64ed4c20a9ad19929b d8be3a402a3b2ad808402cea111ba3d286239d88e06c8e2969c84f46050dc88a Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 16:10:26 Times Seen37066378 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.52	40 kB	2023-03-07	2024-04-23
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.52 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:09 Last Seen2024-04-23 17:19:03 Times Seen669 Hash 23e21b730855e815510da406687ff619 22a6dd980e86f07f835ab5aee0aa60855582920b 4358a96884097724055a07c198c9eda6732136d6377c01e8ce5699993eff6d46 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.6.0	3.0 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.6.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:07 Last Seen2024-04-25 11:50:52 Times Seen910 Hash 53e0fbdc5d79d07d6d955e523f8d2996 e830d0de78b481e31995d69bfda2e71f4cc1be56 2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949 Loading...

	cdn.ampproject.org/v0/amp-fit-text-0.1.js	7.0 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0/amp-fit-text-0.1.js IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2023-03-07 13:10:50 Times Seen1 Hash 321a5709555e0ffc0d567dca2a6a2fbd 746692dcba80a7a36754a201afcfaac50f06c4c5 33a564e36912b6af278b0026922d1bfccf11504d670f2a764c2ba7262ba3ddb3 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	2.2 kB	2023-03-07	2023-03-07
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-07 12:42:21 Times Seen1 Hash ba68ae43a7e56a93a686e685a3ed78df 61198643cff694c8f4a5a6a7b4159c6e5d35da46 923623f85f858bd6811243135e725dd2c30cd0e0230f6f14864ebd859062f8b2 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	135 B	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2024-04-25 12:07:50 Times Seen925 Hash 6d370053752bcccfea3a05ed1f958f00 dc27a1f8c079d10b6bcb12d934690d5ac13b8245 712b83e1fb7bba23edc0cad83735386653ae53ac4751130d8a1a32340eced84b Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	409 B	2023-03-07	2023-05-06
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-06 10:58:17 Times Seen3 Hash ae914439c9211aa6f7d300d2764963c3 1fd5b62cc59fb63bcb29f3c089f81f67aaa0c4bf 2e1efcbd2dc516e06ab7ad535c17f3fdbe3fbbf2405cc83d672e03a8a5ffe978 Loading...

	cdn.ampproject.org/v0.mjs	226 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/v0.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 12438d67efb0afc6c164c221d2fd3eb9 a73dbbab066759c2e0e4808271c5892e3a29e110 20bee6d842ee66e66472f2e0c7fec746cd15a45b37b2d51ba5286efd14926550 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	148 B	2023-03-07	2023-03-11
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-11 22:52:04 Times Seen1 Hash 8ecef1315077fbd8941baaf29852f463 6136c924847a4031ac46a90e5515a17555e7d63d fa6c7aa868149b52df659226782fea8a3f398e1e62b6ee1c80ecf02818db008b Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3	4.9 kB	2023-03-07	2024-04-25
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 15:09:13 Times Seen24390 Hash b33ab4d5dcf02436276a717e9d1b7c18 f47b9a9c41b3b11c9dffabca22945727c3ec6566 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106	6.1 kB	2023-03-07	2024-04-18
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:56 Last Seen2024-04-18 11:14:36 Times Seen1100 Hash db6afe5fc3125bfbb7631cdc894f95f7 cec78215c216e4bc1c03c1393f459fe1c972ee84 4b179562b883c1257aabbad3a5641f965dd7331faa31fe06382a5d8c62d5ee19 Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17	112 B	2023-03-07	2024-04-04
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-04-04 00:37:48 Times Seen49 Hash c4964199de2b605263034861b5046ae6 1f214bb25a6a8de13e645bd011fb7c4247756be5 471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	277 B	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:46 Times Seen4 Hash 865dc4e3d8e5b702a7fcf2857f4bdefb 5cf29bca4d9c9d6e5f2eff8223ffd2544247a18a 22d69c42b8aeed89f5918885d70e521c30d7365d5c9377574d2c8448178911a5 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	128 B	2023-03-07	2023-03-26
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-26 05:58:30 Times Seen2 Hash ed5028e34a17dbfe38897b40af163432 2d40229c342eb9641349daa39b9ceb6de8601d86 ea1cdff4b613d61a7055b46b15155033a95948d793a30cb521a15c82d89ed54c Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	411 B	2023-03-07	2023-05-24
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash 24464781af8fff45742d6993e9523077 1ef8a30379cba3ba4fc08a41790180b71fda4b31 cf417ef2592c70c443fe0d4c86d71a7cfa768a24dd82cfd61aecfa61a3373b64 Loading...

	ntp.recruitmentdbranlu.in/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94	10 kB	2023-03-07	2024-04-24
Pretty URL ntp.recruitmentdbranlu.in/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-24 18:24:18 Times Seen2080 Hash f270dd1f483179fdcfb29ce5f91aea13 166661187a97f0b6b685ec4dbdff871e9824168f 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7 Loading...

	ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0	2.8 kB	2023-03-07	2024-03-24
Pretty URL ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:35 Last Seen2024-03-24 15:29:31 Times Seen127 Hash e9f21af5b1806b53c8b1339af81f36b3 338063f68e9c4a87cfb94cdd71bf2dd58e4a0e9a 2b32be0979cb9f2119bd22563ed89560525c15a8edfd6e662a1968314783f689 Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	949 B	2023-03-07	2023-03-07
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 1eaae72b89c29375627ede186fd3f9b6 2e941dcfe6ab76d7cb789aff529af2f803dde6ba 3978d2d0aa5914a0a00c69982e9d69fa7a23eeac39c150de14b6120a71d85fba Loading...

	ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download	205 B	2023-03-07	2024-02-14
Pretty URL ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:45 Last Seen2024-02-14 05:04:48 Times Seen167 Hash b9275afb963c47c6a409a0d0f8976601 78e7e20e0f7ee43cb6aff30200d07d65987de8e7 cb5af91b543f6d13c83a3d0e242ef0f4d78526940d93c867f4cdc7dc4b16313e Loading...

	cdn.ampproject.org/rtv/012208172101000/v0/amp-loader-0.1.mjs	12 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/rtv/012208172101000/v0/amp-loader-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2023-03-07 12:42:21 Times Seen1 Hash d67a9a62fdef22613fcc82e69f9236f0 ca9180804b6ee152b0d71b4c05d04a8472c45c41 47e2d10c01da370fc7e0ecb29f6498ed3feb75a771bac78ac905566d2982faa4 Loading...

	cdn.ampproject.org/rtv/012208172101000/v0/amp-lightbox-gallery-0.1.mjs	57 kB	2023-03-07	2023-03-07
Pretty URL cdn.ampproject.org/rtv/012208172101000/v0/amp-lightbox-gallery-0.1.mjs IP 216.58.211.1 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-07 12:42:21 Times Seen1 Hash fa5656d43b0741d28b912be3985c4a9a 312a197d31aa3ad91f95499dad1abbd76685e237 8b5e855d07906c6e84f93dfe76bdc275521e9ad53a6537b24f75a4a1b6ca4b2c Loading...

	ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17	24 B	2023-03-07	2024-04-04
Pretty URL ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17 IP 66.29.153.238 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04:36 Last Seen2024-04-04 00:37:48 Times Seen81 Hash 0118f3cf342eba35959e0bb9069b73a6 0b46a14b395eb6a644bef2d19567762f15b5f23c 9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f Loading...

		Size	First Seen	Last Seen
	#1 Write - fe54c9268107485602fea9292f5175d4	320 B	2023-03-07	2023-05-24
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash fe54c9268107485602fea9292f5175d4 11fea31c9daaea761e2dc369fa248c669ad6f394 4289869e49cb379ed187e93c20e94fae2631c238648bce9849985c500e5a13f3 Loading...

	#2 Write - 820c0cd4067da661f380cb7b779ee2c0	1.9 kB	2023-03-07	2023-03-11
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-11 22:52:04 Times Seen1 Hash 820c0cd4067da661f380cb7b779ee2c0 46277d6532c39fbe17b8a2451fbeecf31702df08 715a40bfa279e263bdf3aa2f92f816abb95e7d8382f63e6f2e06869be7adda37 Loading...

	#3 Write - e9c5a2a8192722944b6912948d7dcef8	304 B	2023-03-07	2023-05-06
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-06 10:58:18 Times Seen3 Hash e9c5a2a8192722944b6912948d7dcef8 e0e05c9199740aed42be533ace857e9af4fe4fbb 6769afdcf475a14296722d812bbdfdaafaa88cc9d952e273f23bdbc0de5e0edc Loading...

	#4 Write - 6adb21893a080c2b7e1feb5d2a4c3ae2	323 B	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-03-07 12:42:21 Times Seen1 Hash 6adb21893a080c2b7e1feb5d2a4c3ae2 057be57b7ecbf472824b2ddf0c17afd63fd7c12e 1ca831f992cf938e4c9fe6cba2449cbc05ff61db9269b6a452465856a0043433 Loading...

	#5 Write - ab9c09630ac88c589ff76532fe038309	304 B	2023-03-07	2023-05-24
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash ab9c09630ac88c589ff76532fe038309 89361c831ce97b06de3a4c390dd33487212de525 dcdcb9aff2296973289b4b67ef467f0fdfd98ae97d0a13c1eefeeea816b17e00 Loading...

	#6 Write - 16386dfda98f64fe459c722a79c45ddc	306 B	2023-03-07	2023-05-24
Pretty Observations First Seen2023-03-07 12:08:22 Last Seen2023-05-24 10:58:47 Times Seen4 Hash 16386dfda98f64fe459c722a79c45ddc 6b8a2efc3151f4295b77159b726f18368ab956c5 a91a97608524893e605151a0ec1486be6420d4697eb6c0532753acb5e4ecb7ae Loading...

HTTP Transactions (132)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 05 Sep 2022 05:44:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: dLUN5nkOgDiuoSF9O-jjbtxsDRtzQGCpBrEB-R_1CwzG8QuTwdAleQ==
Age: 3434

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Mon, 05 Sep 2022 07:27:11 GMT
Date: Mon, 05 Sep 2022 06:41:59 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.35

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 05 Sep 2022 01:15:19 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: hKQlVu_vYbe0FnxkI3sfjCscNUx-rOTD9V0gb53FmgvooOl5od3PQw==
age: 19602
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download

66.29.153.238

301 Moved Permanently

0 B

URL HTTP/1.1
ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /category/sumita-arora-c-class-12-book-pdf-download HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
expires: Sat, 03 Sep 2022 08:39:00 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
x-litespeed-cache: hit
content-length: 0
date: Mon, 05 Sep 2022 06:41:59 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:41:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 05 Sep 2022 06:38:16 GMT
Cache-Control: max-age=3600
Expires: Mon, 05 Sep 2022 07:15:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tmXVGbYAVVQ-wwMfJxtAtkPf0TFbzA2hi2-GkKWISope6-EbmhFt8g==
Age: 224

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1a7d042859a6a5a4eae1091efdda61f5
127fe097fef72872ab3d3ec25b773ad5edcd7a35
14e739c1dedc1150c3eee0805c69625c56af17e1c98800b3a930d3e0d50df2d2

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 22:55:00 GMT
Expires: Sun, 11 Sep 2022 22:54:59 GMT
Etag: "127fe097fef72872ab3d3ec25b773ad5edcd7a35"
Cache-Control: max-age=576178,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb800cbd1c0a-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
77d035f38a45e8a1ec30d5fe9611880b
01cf34de95257da64dac90edf5a86203f1160271
7dc687d6bb1679ba5567e58b4f8c1e78766e7ee36273ba7f62068c595d57f7f3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6359
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:00 GMT
Last-Modified: Mon, 05 Sep 2022 04:56:01 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.213.92.18

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.213.92.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f9LZ+yHd8P2o1VWVRoF41A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: pz/9sQkIJAjP+Vu7oNYmEJoEWIk=

ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download

66.29.153.238

200 OK

49 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
49 kB (48744 bytes)
Hash
9dd7e70427ae2c55e678ad46f60cddaf
41d8038cd3e8b3572dfff35d14fac5d8438fcd85
8a96d2d1e6060afba69bd7cebb27985be0f35c5f8890a9c6126448ba441be695

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /category/sumita-arora-c-class-12-book-pdf-download HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
link: <https://ntp.recruitmentdbranlu.in/wp-json/>; rel="https://api.w.org/", <https://ntp.recruitmentdbranlu.in/wp-json/wp/v2/categories/1848>; rel="alternate"; type="application/json"
cache-control: public, max-age=3600
expires: Mon, 29 Aug 2022 21:18:30 GMT
etag: "88624-1661804310;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 48744
date: Mon, 05 Sep 2022 06:42:00 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:42:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b15f3f14bd92b7a544ec2347e6810c7b
dd55fd8396d796082edabb5ab6e2d7fb3b51b731
87c27c4b0288f31faa405ba5247767d1f299938551bd284212ee487dbb0deb63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "87C27C4B0288F31FAA405BA5247767D1F299938551BD284212EE487DBB0DEB63"
Last-Modified: Fri, 02 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2633
Expires: Mon, 05 Sep 2022 07:25:54 GMT
Date: Mon, 05 Sep 2022 06:42:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7369 bytes)
Hash
1e2e5ba9413ee60c9e54787384c04f06
cae52e3364fe3b9ccc3c4c3477452d7a52835cd7
3ef1d513413b4a19adb7bbf302c1cea3e16e805e1e2e35ce6bcf40003d81d5db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19cfd495-15a1-4f00-830a-847f2f2dd961.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7369
x-amzn-requestid: afce5140-1b0e-45de-a556-5b588a325c2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X6ZsRGquoAMFtNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63140981-269413dc69a3229831211548;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 02:12:17 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 6F6e0JHG3g5Z55919XKXMeOEoXL_FLAGXFqTxOjajtPTtQitYupRTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 12:47:26 GMT
age: 64475
etag: "cae52e3364fe3b9ccc3c4c3477452d7a52835cd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5459 bytes)
Hash
7fe061740ad833cfe7ff0fe078d6810d
15d0fc3fdced758b5797361bae0fd53341e0581d
5409b6775bca5afd03901975c61c27f267efe2c8a8e739f05ebc52a938c5a368

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F022243d2-ac74-4a81-b31f-104b203bf550.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5459
x-amzn-requestid: a75bf8a5-dc96-4a88-9de5-b79d1d62ff21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XxB_bFMFoAMFkEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631049fc-2685c90962d8af5f4a7b5908;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 05:58:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YqgTII0TYwznz5DfHLFpfzTPh08akwJSWc3wIf-YpBgUrs84AYM2Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 22:15:00 GMT
age: 30421
etag: "15d0fc3fdced758b5797361bae0fd53341e0581d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0855d1b6-f16d-4dd0-9fde-a9453425f201.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7431 bytes)
Hash
c96c8c1d4fe4a550a59dd4ba09843a7c
99ece60b2c12ebc34512a58c886c997e273ad1ad
78157b35e481a8d31e3fbdf60d01332ae97a4bb939235e8ba566b1bd4e1d8d7b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0855d1b6-f16d-4dd0-9fde-a9453425f201.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7431
x-amzn-requestid: 0953983e-8c57-49ae-9b52-fe127c73a4a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaH8IGUmIAMFY1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6307204d-06266aa31b508580324f07ab;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:10:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NkadqENBWW1-qAK4_05zp0mUJ7lBApClnUDaojmgPEzZuiOZQ2lXsQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 04:19:32 GMT
age: 8549
etag: "99ece60b2c12ebc34512a58c886c997e273ad1ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
30bf854fd3e27e2313a3d26fc43b9990
032acf1bfb0c8e2cbce8f2ff4d2964424b044951
7641be64dd25487edf4f845d1fbb0b07daa80fa8fb58863dd09081d9d169bd13

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13d7f0db-89d6-4166-b182-85e35e518df9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: de0e8998-4a52-4651-bcd6-3068c50193b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey2Eq4oAMFZlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-15da44d87bf486cb1738fe18;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nqxzicnkQPrjStpPaMIZAukyjtUBQaXfuxWzIs77YGDyJmnirlMsxw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:54:51 GMT
age: 31630
etag: "032acf1bfb0c8e2cbce8f2ff4d2964424b044951"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9632 bytes)
Hash
3fa914e288ca54908967c65ae6000607
b470ee66546236df6932247b8de7982a081e3170
04dc2796377fdd129e03e1a1902207ba57f23933f4296908794097353f2de13f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b72072c-e8d1-4d87-8b3d-88a344002b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9632
x-amzn-requestid: aee8c394-86b7-4b7e-8a1b-134b4de8454f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxZF0rIAMFodg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2f2a9e20556d8899447fc662;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 77bXbuBtQ1AUHqlplB8HwTfSd83WZTTsmHsN2hZiTk83XvP5Bdpfhg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 14:24:28 GMT
age: 58653
etag: "b470ee66546236df6932247b8de7982a081e3170"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4452 bytes)
Hash
e1556a0afcd327679e471ac6373ca29f
15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a
d3537c985a20cf69290064fbd46778a6fbe6604cb6b37b272c8058142f02ffdf

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1944c2a5-23d6-45f7-ab9f-78685b5e5be8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4452
x-amzn-requestid: 882486d7-8cdc-4986-8562-6ec196c2a8e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xt-dIFk7IAMFs4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630f1120-5a4edfae33e2ef3f133e22f6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 07:43:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AbTFZ3Y-e5K4Ljph7Qn-Xhl0jk1VpgDxs0djpD3IMpppsAEadePgfQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 05:46:11 GMT
age: 3350
etag: "15ac095f9a744d85d7054d6c48af8a3f9ec9fc3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0.1

66.29.153.238

200 OK

11 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (45507)
Size
11 kB (11392 bytes)
Hash
5eb62026ce88a47d683d6ffb54fdcd94
c7d83c9acdb469f389f5c8637efba01a3ef72b00
011224e00d9b1b1088d91e0e92efddab077967c8dd81aecf92d06d2578c3a7df

HTTP Headers

GET /wp-content/plugins/download-manager/assets/fontawesome/css/all.css?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11392
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a73c40e0fed317f31e35a24d5b5e2d0d
fb19e9d403e37956762ebb527260576860161872
4a38f2cc8997dada402e2cce06bbd8776cbad2075b00696d00efa59ad5388644

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1

66.29.153.238

200 OK

12 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (57835), with no line terminators
Size
12 kB (12393 bytes)
Hash
77990aa9fcab4dfe59d26d400a4bc0e3
ea804e693cdc08a142848b9150ce3ce98292bc4b
c951d5bcd422f61de0679a96910aad6bfcc0cf7dc7ca61918bed31a846402171

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/css/bootstrap.min.css?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12393
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.1

66.29.153.238

200 OK

15 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (482)
Size
15 kB (15297 bytes)
Hash
4364dbed22a69c128b907b792c7c00f2
654eae453835bb06553d7e77ead5bcf22df8e7c8
32f98dd4270d64b76d5857a9566afe6b0efec602142ceeafc3f6ce2b5a1cd4d5

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/download-manager/assets/css/front.css?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 15297
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/css/dashicons.min.css?ver=6.0.1

66.29.153.238

200 OK

37 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/css/dashicons.min.css?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (58981)
Size
37 kB (36701 bytes)
Hash
eb43cb2d741eeef42d8985889f43d7f3
d9e04794adb11a9651dcb427eec7f80030bc2926
9b2c46be477c3566ecb565e6ddeeaabadfb400e3a5552450edc979c358132e72

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 03:42:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 36701
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.1

66.29.153.238

200 OK

4.8 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (31693), with no line terminators
Size
4.8 kB (4831 bytes)
Hash
74661f78395e5a62e0bac12aeba26fb5
9f44089c7636a046a549cce0df86eee0f01a12e2
3b861df64f56015b3acad0270a5dc9d934eeaec6675c3b7d1587fe21d1508ed6

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/everest-forms/assets/css/everest-forms.css?ver=1.9.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:45:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4831
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106

66.29.153.238

200 OK

476 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1156), with no line terminators
Size
476 B (476 bytes)
Hash
7d510f2dfdeb6086ca597504f305b1f6
f6d30281179fa9ea9b3b07c40ab6055dd7b66e0f
ccf104c058b54813ab1c6bfe8995d9222b2d5d27424c23c63910caacf9d3aa08

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 03:47:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 476
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/style.css?ver=2.1.0

66.29.153.238

200 OK

17 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/style.css?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
17 kB (17193 bytes)
Hash
bfcbb98528389f8a0ab4a26be5f39280
a08ac7083817fa4cccd79d31a84d7cc30acfefed
653228eb35c4432514f4812cc6caac3282c07840ebebd28e960d4524a21aafb2

HTTP Headers

GET /wp-content/themes/colormag/style.css?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17193
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.0

66.29.153.238

200 OK

1.7 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (5219), with no line terminators
Size
1.7 kB (1749 bytes)
Hash
43c7d7ed58ad8b281b7b42e55c22fdf0
de34ff876756ca7ab757cc7ae110af13db0999ed
d9af658af7d24e8f35309e4f25dc0b5f1f6f6305f26b0b5b4813d4fcc19fb270

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/magnific-popup/magnific-popup.min.css?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1749
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0

66.29.153.238

200 OK

8.0 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30837), with CRLF line terminators
Size
8.0 kB (7954 bytes)
Hash
cbdc0e450a729fb0558cf12b0befb115
42a807d5db1b648e060ead5def2867f6ca04a61f
ea37669283b51de8f73308afeabe9e1d51e6ffd1f0a7e690a372fc0f78299c5a

HTTP Headers

GET /wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7954
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.0.1

66.29.153.238

200 OK

213 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
213 B (213 bytes)
Hash
ff26a738af0a884d9c21a8e756575837
ea81a9e5d96280f7e477e14395f2e0cc5fb4c66e
3edcd00452293aa33cd75dfa0e55e4e77faf6cdccd51e0c0cf74fa5430962c9e

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:43:05 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 213
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.2

66.29.153.238

200 OK

1.6 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.2
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (8319)
Size
1.6 kB (1604 bytes)
Hash
149474d682845bad768a656bd63cdf1a
15c0ee990c58e397fa8dfda810c8e94ae35daa19
1d5db34f92820846f5f57760fc55c16d4f6f3ee0ec35302c12f4fc89cd19073e

HTTP Headers

GET /wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css?ver=14.1.2 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:28:31 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:45:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1604
date: Mon, 05 Sep 2022 06:28:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=3.5.7

66.29.153.238

200 OK

1.6 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=3.5.7
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.6 kB (1590 bytes)
Hash
69b706c94c6d01decff57096c5a37314
95762740f47854121a111533b9b6e4e82cdecb3b
26f735196cd374ed50ebeab91b68ab4b8080ab9222fc5470aab9f4957c7592ff

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/simple-sitemap/lib/assets/css/simple-sitemap.css?ver=3.5.7 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:28:31 GMT
content-type: text/css
last-modified: Fri, 29 Jul 2022 07:47:03 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1590
date: Mon, 05 Sep 2022 06:28:31 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1

66.29.153.238

200 OK

375 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
375 B (375 bytes)
Hash
f6c2744a520919e9cf442aa46569e4ab
14c50a5898aa2b3f69e0fcc2d9e77a55fae9885a
a19282e834fcdb97dc4e01bddac9b94055e0968c817788980d0cde853847af7a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/1and1-wordpress-assistant/js/cookies.js?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 22 Feb 2019 08:07:44 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 375
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

66.29.153.238

200 OK

30 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:42:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

66.29.153.238

200 OK

4.0 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:42:37 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.1

66.29.153.238

200 OK

7.2 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (21084)
Size
7.2 kB (7197 bytes)
Hash
b0510dd32a2bf3a88f8ef863cef5a962
fade95172c35b447d016242b1e94d67cede65214
876df4d6257d286ea6d99ed1eaad09988dd9833fe5be4cee05fc617bcd99159c

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/popper.min.js?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 7197
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.1

66.29.153.238

200 OK

15 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (62161)
Size
15 kB (14692 bytes)
Hash
a477e1050ff7d8faa1e87820516e9ba5
adfa2c2a1645447881faf9ac0e1791e482b1cad4
64a15d3d17400ab20c7e7621ef18006b69af14d29f8ec030ce9b4d68865c2052

HTTP Headers

GET /wp-content/plugins/download-manager/assets/bootstrap/js/bootstrap.min.js?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14692
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.52

66.29.153.238

200 OK

10 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.52
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4122)
Size
10 kB (10215 bytes)
Hash
4e6b8e40eed2b52113de3ed9b1329b84
29eb737323149557f2070ee4a6e7369da07ff3ea
6ce353f3f1b5005cc15aac186dffb9db515d7116f44074a894d0b2c0c4646f66

HTTP Headers

GET /wp-content/plugins/download-manager/assets/js/front.js?ver=3.2.52 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:44:47 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10215
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.2

66.29.153.238

200 OK

4.2 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.2
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (13486)
Size
4.2 kB (4214 bytes)
Hash
d31056316b1aab2e6b88b86d4307e22f
635028e6b6c0409708155d3493675f0a4fbb079d
a966977bbf98883976cbf28b844a44b56e65fdf99d6fa6bf963a2b8ede223185

HTTP Headers

GET /wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=14.1.2 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:45:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4214
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ntp.recruitmentdbranlu.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 29 Aug 2022 18:53:20 GMT
expires: Tue, 29 Aug 2023 18:53:20 GMT
cache-control: public, max-age=31536000
age: 560923
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3958546039b436bd448017432b45c949
45aadab2339c0718b57200a1b2849073c04f08f5
903f9b9e0ccec46513fb56991790db64f79dd2548f6240c4905cf9f19bdaa783

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ntp.recruitmentdbranlu.in/wp-content/uploads/2021/11/Recruitment-Logo.jpg

66.29.153.238

200 OK

12 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/uploads/2021/11/Recruitment-Logo.jpg
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 203x136, components 3\012- data
Size
12 kB (12278 bytes)
Hash
89bbe6782f113f3cb1e4c96a8c9bf2ba
4d8252bbb9306a15768fa2edbdfc1f8fae259321
1dd008bc8f91e08dc63ce3d38dd2c5a29e436e537f3db4e7b2ac08baa1b93812

HTTP Headers

GET /wp-content/uploads/2021/11/Recruitment-Logo.jpg HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: image/jpeg
last-modified: Sun, 21 Nov 2021 11:02:16 GMT
accept-ranges: bytes
content-length: 12278
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

66.29.153.238

200 OK

2.4 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

66.29.153.238

200 OK

6.9 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
6.9 kB (6872 bytes)
Hash
1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6872
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3

66.29.153.238

200 OK

1.6 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (4875)
Size
1.6 kB (1575 bytes)
Hash
06a8ac0e71976bc143cfa7861a31169d
def6031fe13259bf17752661832d815e37068bf2
e6f42d97e7299522bbb002364128fdf72cd22263ca72c5edc41dcd8f4672cd33

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:39:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1575
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94

66.29.153.238

200 OK

3.7 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
data
Size
3.7 kB (3717 bytes)
Hash
f778ade6a70be55cbf039cfafb20fa7f
68d7a7f2d88907a038ec557ae0ab67f58d7bcdc5
88fd2a2f80a5ff9f70a6c4019d81f3bae8bc92623697454faa44f448cc43ad93

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:38:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3717
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dc48f2fef5f02ae34f0e81bcbccebebf
8d0024563dfc2c76586d3b7d65be5f3e45f01d0d
89f75219d4f78f9d6cb6a32c4ea818b7e58fe8225a2bbfc8e4efe56486242e1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 00:28:00 GMT
Expires: Mon, 12 Sep 2022 00:27:59 GMT
Etag: "8d0024563dfc2c76586d3b7d65be5f3e45f01d0d"
Cache-Control: max-age=581755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb9339af1c0a-OSL

ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0

66.29.153.238

200 OK

5.7 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (16109), with no line terminators
Size
5.7 kB (5702 bytes)
Hash
6687910f2f31618bc2b3772b2d7ce77b
3b5ab3572c57dbe3fb274ca85ea8ad6156052daf
f78e26de908c858c29cdf8851ceae6d1609bd41f35505c2136300f00e729a93c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.form.min.js?ver=4.3.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:38:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5702
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106

66.29.153.238

200 OK

2.2 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6091), with no line terminators
Size
2.2 kB (2181 bytes)
Hash
bc966353388572531142d078254a46dd
d813127829e81e4d1b42d7943c5f44887cf03d8e
377527657e160de1456dff3e050ba75f2bf0648fb1a479d5e831441f84b9e606

HTTP Headers

GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:47:01 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2181
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0

66.29.153.238

200 OK

5.9 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (23954), with no line terminators
Size
5.9 kB (5908 bytes)
Hash
59217161cbd6d50301170bd667da31ee
9eb8976f6c02a76fefebac9b69a12ab806357d44
41ba9af5b5992ad12e75ada169b367676db7b6dcfbdece6891ff8ad380e4cb06

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/jquery.bxslider.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5908
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0

66.29.153.238

200 OK

997 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3437), with no line terminators
Size
997 B (997 bytes)
Hash
bad36a5d7b141e5a0d6a738e79c0a2bd
e9cd7f6c77df280c159b2da1c1600e021e12a68a
7e42052b64907e0d47dc55000948e54e83c14bda752758be6a534de1eacc132f

HTTP Headers

GET /wp-content/themes/colormag/js/news-ticker/jquery.newsTicker.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 997
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dc48f2fef5f02ae34f0e81bcbccebebf
8d0024563dfc2c76586d3b7d65be5f3e45f01d0d
89f75219d4f78f9d6cb6a32c4ea818b7e58fe8225a2bbfc8e4efe56486242e1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 00:28:00 GMT
Expires: Mon, 12 Sep 2022 00:27:59 GMT
Etag: "8d0024563dfc2c76586d3b7d65be5f3e45f01d0d"
Cache-Control: max-age=581755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb939b4db512-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
0024aa87f7a1be031c0a3471d40cba35
5a2091f353be25d4604e9b82a9286ef189814d52
0313a8434e8a1c677da0483dca99557c0496959776e21ac68da884c9001feb09

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 01:46:13 GMT
Expires: Fri, 09 Sep 2022 01:46:12 GMT
Etag: "5a2091f353be25d4604e9b82a9286ef189814d52"
Cache-Control: max-age=327248,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb939979b4f7-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6cb0cbd0d203363b348e14ec7a6f0cec
e49c347a33ae0069087558b74b4d48ea39f0cc27
811cdee24a3c29142466ba16232c596dcdef4cff8d4f4f74bc6a05da8825a237

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 21:37:27 GMT
Expires: Fri, 09 Sep 2022 21:37:26 GMT
Etag: "e49c347a33ae0069087558b74b4d48ea39f0cc27"
Cache-Control: max-age=398722,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb93992bb521-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dc48f2fef5f02ae34f0e81bcbccebebf
8d0024563dfc2c76586d3b7d65be5f3e45f01d0d
89f75219d4f78f9d6cb6a32c4ea818b7e58fe8225a2bbfc8e4efe56486242e1c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Sep 2022 06:42:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 00:28:00 GMT
Expires: Mon, 12 Sep 2022 00:27:59 GMT
Etag: "8d0024563dfc2c76586d3b7d65be5f3e45f01d0d"
Cache-Control: max-age=581755,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 745cfb9399f81c0a-OSL

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0

66.29.153.238

200 OK

6.9 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19870), with no line terminators
Size
6.9 kB (6892 bytes)
Hash
b25c2d1ec26280938524645284c1b60f
cab939ba78723bf80c44a7f56994de517bf1398c
be041e97327daf127a75a9437e6a5dbcb5f5e6258aa50eba827794a537b41910

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/magnific-popup/jquery.magnific-popup.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6892
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0

66.29.153.238

200 OK

537 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1567), with no line terminators
Size
537 B (537 bytes)
Hash
229c5fa0870b8622f19a2d73346e4a29
f6c00b11f54845bfbaf321e63c2ae8558084dfcc
8cdba91e28e7338c133b343294a885507d8ac9891c3dcba8352b7cdfea70614d

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/navigation.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 537
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0

66.29.153.238

200 OK

635 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (1754), with no line terminators
Size
635 B (635 bytes)
Hash
096bd1b26c4742ce2479189f1e9f7e43
26fcdf5e37f4d6e2705ef997f21799426888020d
9b8df0ee89287ff1a180c3bc3d01c63240d3467af28078c2f9bafbed3c76361e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/fitvids/jquery.fitvids.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 635
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0

66.29.153.238

200 OK

171 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (325), with no line terminators
Size
171 B (171 bytes)
Hash
7d9e5d360e2896a1f2b65b20d8b1ffe0
4c1a57c2d65ff7fbba6898607b5ce11589c23096
4922045fd59fc46a4bd5a09703b5e65bae933e0b65ce634e1362f02f637fa6f0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/skip-link-focus-fix.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 171
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0

66.29.153.238

200 OK

976 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2826), with no line terminators
Size
976 B (976 bytes)
Hash
17ed8e9a716e79f5065b89301eef4ca4
d032f45685cfd2a23c2a3f48218a10bfa25a2582
3869bff58eb9db541d68a3a4696c8c995d7f681de230fdea75297a644511ad8f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/js/colormag-custom.min.js?ver=2.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 976
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0

66.29.153.238

200 OK

4.4 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (19281)
Size
4.4 kB (4419 bytes)
Hash
2955415dc1033c8764ea16717b7a483a
d24548f5093a0c9420c2026fc97f4844828ff8a6
39ea15dd4fe270c4b0f9273131c83855d5a9ed98bebeb625669286c17e73281e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.1.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:45:27 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4419
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.6.0

66.29.153.238

200 OK

1.5 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.6.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2976)
Size
1.5 kB (1452 bytes)
Hash
4ef8cb91308e848f5d59b8e6935ec34b
b180ba32391409dc48cf227b902ebdf33020cdc1
6bf009f34cef1cb8a614c084ab72601baed37b37c028f095174773d45854bc8e

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.6.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1452
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0

66.29.153.238

200 OK

697 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1533)
Size
697 B (697 bytes)
Hash
e41f8d67c252f92c1549e6fa46378558
3f06fd78cd9ac03c56c8d0d87b5dedc6c9c5dca8
0678e4f00042bafd595dcedeedb7e698a9fb29261cce5de0f2cf75dd12eeb237

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.6.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 697
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.6.0

66.29.153.238

200 OK

317 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.6.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
317 B (317 bytes)
Hash
aa4169b6c66cece2222ab59dce1a4652
c5536bc970014932c658bb5e42c12502f44bdf34
20036c295b34dac435b88f740507dfa8ba8d3653c9eba62514c7ef6b23fb0211

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.6.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:05 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 317
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.2

66.29.153.238

200 OK

903 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.2
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (3102)
Size
903 B (903 bytes)
Hash
fc37037bc0346d714250415f57711bf8
0aa849cd61e0a579803e9301a80c66b89c2cda20
78adeb56acae46d5024f26f44e14aa677e23686a64e7601996e4877f6d6b6242

HTTP Headers

GET /wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=14.1.2 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:45:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 903
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/images/ads.png

66.29.153.238

200 OK

95 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/images/ads.png
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Size
95 B (95 bytes)
Hash
71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

HTTP Headers

GET /wp-content/plugins/ad-inserter/images/ads.png HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: image/png
last-modified: Fri, 29 Jul 2022 07:43:15 GMT
accept-ranges: bytes
content-length: 95
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17

66.29.153.238

200 OK

112 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
112 B (112 bytes)
Hash
c4964199de2b605263034861b5046ae6
1f214bb25a6a8de13e645bd011fb7c4247756be5
471eb448db387c12cd6fc0598c12f3c4410056426df3b43ada8dd0fad5fa6a74

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/ads.js?ver=2.7.17 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:15 GMT
accept-ranges: bytes
content-length: 112
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.17

66.29.153.238

200 OK

21 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.17
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
89ded0fe34feffa1323bcfd72860a4d3
a8f101e51570d63bea61484a6f21df431b7f8b59
9b72d1fa27ea4041b8580589c673ce2ef0c0d57dd1e8d1ed65426692f72a42f8

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/sponsors.js?ver=2.7.17 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:25 GMT
accept-ranges: bytes
content-length: 21
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17

66.29.153.238

200 OK

24 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
24 B (24 bytes)
Hash
0118f3cf342eba35959e0bb9069b73a6
0b46a14b395eb6a644bef2d19567762f15b5f23c
9a737aee22dcfd3be2498d406cd05c854b2922041c49ae8baebfd0cffdbb2c1f

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/banner.js?ver=2.7.17 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:15 GMT
accept-ranges: bytes
content-length: 24
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17

66.29.153.238

200 OK

25 B

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
25 B (25 bytes)
Hash
477a3439cb9e1c0c964ec9c4ea8dfb09
2ea01b77c5646e7de702517261278c5020dc21dc
5094ccbebe88be6b459174d1cca74c7a024fcada1f077756ffa80878347d967b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/ad-inserter/js/300x250.js?ver=2.7.17 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:43:15 GMT
accept-ranges: bytes
content-length: 25
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bmsicl.in/saraswati-health-and-physical-education-class-11-pdf/amp/

66.29.153.238

200 OK

9.1 kB

URL HTTP/2
bmsicl.in/saraswati-health-and-physical-education-class-11-pdf/amp/
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6883), with CRLF, LF line terminators
Size
9.1 kB (9133 bytes)
Hash
e4ec11f04a9d4bf26d2ae0c2cc0f321d
71de14b84b64243dd7de59763178f13b4365bdd0
6beb59c2dc133b93fd3f57b5feb661817273debe93a01059b82c3b07e29cdf7d

HTTP Headers

GET /saraswati-health-and-physical-education-class-11-pdf/amp/ HTTP/1.1
Host: bmsicl.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-ua-compatible: IE=edge
x-pingback: https://bmsicl.in/xmlrpc.php
link: <https://bmsicl.in/wp-json/>; rel="https://api.w.org/", <https://bmsicl.in/wp-json/wp/v2/posts/16>; rel="alternate"; type="application/json", <https://bmsicl.in/?p=16>; rel=shortlink
content-type: text/html; charset=utf-8
server-timing: amp_sanitizer;dur="49.3",amp_style_sanitizer;dur="33.2",amp_tag_and_attribute_sanitizer;dur="11.1",amp_optimizer;dur="8.2"
etag: "85581-1661788797;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 9133
date: Mon, 05 Sep 2022 06:42:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

66.29.153.238

200 OK

4.6 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.1 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:01 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 07:38:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Mon, 05 Sep 2022 06:42:01 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/1f4e5.svg

192.0.77.48

200 OK

799 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/1f4e5.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
data
Size
799 B (799 bytes)
Hash
3885921ab602b3eff5cefcd1cfee63cd
44a0f492cdb8a7a6b4ffea70a639f722b62a7302
55ccb30f89ca2269c14c7d12547dc2677575b1f6d88629f0e5742b367a2c5408

HTTP Headers

GET /images/core/emoji/14.0.0/svg/1f4e5.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Sep 2022 06:42:03 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
adaa068fbc4cebb45851e77333c7a609
eaa48de99dfac194fb9a767ff4736008ccb3c926
acae9da168ff09fe152e22e786b351167ce55e6b3a3fac061bf0072126c02d23

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
adaa068fbc4cebb45851e77333c7a609
eaa48de99dfac194fb9a767ff4736008ccb3c926
acae9da168ff09fe152e22e786b351167ce55e6b3a3fac061bf0072126c02d23

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.ampproject.org/v0.mjs

216.58.211.1

200 OK

63 kB

URL HTTP/2
cdn.ampproject.org/v0.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (64707)
Size
63 kB (63183 bytes)
Hash
7f082f60b6802c31298e6d0c8ada999e
be0f72e5e2a9da6bef7a6c7c0b0081befb7b50f9
470dcc051602c645804e90a888c666657d0034679d544187ca0012bfb2f446fc

HTTP Headers

GET /v0.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 63183
date: Mon, 05 Sep 2022 06:42:03 GMT
expires: Mon, 05 Sep 2022 06:42:03 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "5235d211603fea66"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/v0/amp-analytics-0.1.mjs

216.58.211.1

200 OK

29 kB

URL HTTP/2
cdn.ampproject.org/v0/amp-analytics-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65534)
Size
29 kB (28859 bytes)
Hash
1623cf38d51d9badad3c454a783345ab
60d4d3e5591f31f0603e8c25606ded8751689a50
3129e458e8979cacad0892c60dc89a7c954557886270b4f2961ddb43015417da

HTTP Headers

GET /v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28859
date: Mon, 05 Sep 2022 06:42:03 GMT
expires: Mon, 05 Sep 2022 06:42:03 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "961e32e31b09db03"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bmsicl.in/wp-content/uploads/2021/10/log.jpg

66.29.153.238

200 OK

58 B

URL HTTP/2
bmsicl.in/wp-content/uploads/2021/10/log.jpg
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 22x21, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
58 B (58 bytes)
Hash
1f22da6c2c50c3b443cfeb358bba99b0
dc3910adec91c8007c1474a8a3c5d98222220db2
ec8987a90e1e4c70fb24dddf8f82987433c490bad27b79359c2df6e45fd89d08

HTTP Headers

GET /wp-content/uploads/2021/10/log.jpg HTTP/1.1
Host: bmsicl.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmsicl.in/saraswati-health-and-physical-education-class-11-pdf/amp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private
expires: Tue, 05 Sep 2023 06:42:03 GMT
content-type: image/webp
last-modified: Fri, 29 Oct 2021 04:27:43 GMT
accept-ranges: bytes
content-length: 58
date: Mon, 05 Sep 2022 06:42:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

bmsicl.in/wp-content/uploads/2021/09/cropped-cropped-Job-32x32.png

66.29.153.238

200 OK

702 B

URL HTTP/2
bmsicl.in/wp-content/uploads/2021/09/cropped-cropped-Job-32x32.png
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 32x32, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
702 B (702 bytes)
Hash
a69409db37bbc4e5925654ecd8055b7e
045ccfcebeaa01f26c26ebc34f8b579fb8205426
e3f22df4b46fde71aeac94da4968810cef8db6f931967ea890249205c0976e57

HTTP Headers

GET /wp-content/uploads/2021/09/cropped-cropped-Job-32x32.png HTTP/1.1
Host: bmsicl.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmsicl.in/saraswati-health-and-physical-education-class-11-pdf/amp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: private
expires: Tue, 05 Sep 2023 06:42:03 GMT
content-type: image/webp
last-modified: Thu, 30 Sep 2021 14:34:43 GMT
accept-ranges: bytes
content-length: 702
date: Mon, 05 Sep 2022 06:42:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
adaa068fbc4cebb45851e77333c7a609
eaa48de99dfac194fb9a767ff4736008ccb3c926
acae9da168ff09fe152e22e786b351167ce55e6b3a3fac061bf0072126c02d23

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.ampproject.org/v0/amp-ad-0.1.mjs

216.58.211.1

200 OK

472 B

URL HTTP/2
cdn.ampproject.org/v0/amp-ad-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d

HTTP Headers

GET /v0/amp-ad-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 21012
date: Mon, 05 Sep 2022 06:42:03 GMT
expires: Mon, 05 Sep 2022 06:42:03 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "57a37fbaaf0601ef"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rubik

142.250.74.10

200 OK

5.8 kB

URL HTTP/2
fonts.googleapis.com/css?family=Rubik
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
5.8 kB (5751 bytes)
Hash
e1ca05347844d7accf121108747cc97d
5ea629422c6063dd045d18190d6d13360421cda3
d91e4a4ad764367a978205e3a201e27977d19726acc9c95e75876b7d24dbc73b

HTTP Headers

GET /css?family=Rubik HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 06:42:01 GMT
date: Mon, 05 Sep 2022 06:42:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 05 Sep 2022 06:41:12 GMT
expires: Mon, 05 Sep 2022 08:41:12 GMT
cache-control: public, max-age=7200
age: 52
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
194d72d26ddeaa8a8a266839eb707300
86427a0db92a3b4bd2690ad361109559c7212992
ab77f42ccfa0c649217777139f0d14a6742039596ee37a045c5fe96e7ca32338

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1931a32d83e4feb5268887bcb07fcc1e
6fb75c21ced29544dd6d7c3b0ef79adf65718a39
d794fae0b82097a2e97af2f21b6c243832081f88036a2a56bbeeabb08790d88d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

irctcportal.in/pongal-special-train/amp/

162.0.209.173

200 OK

9.6 kB

URL HTTP/2
irctcportal.in/pongal-special-train/amp/
IP
162.0.209.173:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6883), with CRLF, LF line terminators
Size
9.6 kB (9587 bytes)
Hash
77c6140686eef9ebe86f543f527f5776
4fe2f889f1400a51954687fa6452b6e194be7d7e
4aacae89ea75b506a91a5c76d415e71d6201c481ea08e25daf4fc3d40d0bc61e

HTTP Headers

GET /pongal-special-train/amp/ HTTP/1.1
Host: irctcportal.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
set-cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; secure; HttpOnly
x-litespeed-tag: ad41_HTTP.200
link: <https://irctcportal.in/wp-json/>; rel="https://api.w.org/", <https://irctcportal.in/wp-json/wp/v2/pages/46>; rel="alternate"; type="application/json", <https://irctcportal.in/?p=46>; rel=shortlink
content-type: text/html; charset=utf-8
server-timing: amp_sanitizer;dur="76.3",amp_style_sanitizer;dur="45.3",amp_tag_and_attribute_sanitizer;dur="24.2",amp_optimizer;dur="17.2"
content-length: 9587
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 06:42:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

contextual.media.net/dmedianet.js

23.38.200.22

200 OK

52 kB

URL HTTP/2
contextual.media.net/dmedianet.js
IP
23.38.200.22:0
ASN
#16625 AKAMAI-AS

File type
data
Size
52 kB (52147 bytes)
Hash
0235028cea32d8d0c14e33381c65c22f
688b85147b7ea3800f5da39e23fe6c80c25d1361
4f9ce67416f0d937ad19d9f9e1697712da8e0d8680faaf8adf8d593b81108a60

HTTP Headers

GET /dmedianet.js HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache
content-type: text/javascript; charset=utf-8
x-mnt-h: 8-35
x-mnt-w: 8-9
etag: "e791f5b68a810736204b1263f60ae2a0"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Mon, 05 Sep 2022 06:47:04 GMT
date: Mon, 05 Sep 2022 06:42:04 GMT
X-Firefox-Spdy: h2

irctcportal.in/wp-content/uploads/2021/12/Indian-Railway-150x86.jpg

162.0.209.173

200 OK

11 kB

URL HTTP/2
irctcportal.in/wp-content/uploads/2021/12/Indian-Railway-150x86.jpg
IP
162.0.209.173:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left], baseline, precision 8, 150x86, components 3\012- data
Size
11 kB (11119 bytes)
Hash
dd945a89d0636aa10957734f963360d3
ab0bca77de1423625a40cb37be2023ea2b603d9f
ba246443159229b77779e981e4978420d59b69e21d52c08a929b666d3d0aa26e

HTTP Headers

GET /wp-content/uploads/2021/12/Indian-Railway-150x86.jpg HTTP/1.1
Host: irctcportal.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irctcportal.in/indian-railway-map/amp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Sep 2022 06:42:04 GMT
content-type: image/jpeg
last-modified: Fri, 03 Dec 2021 05:02:12 GMT
accept-ranges: bytes
content-length: 11119
date: Mon, 05 Sep 2022 06:42:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0

66.29.153.238

200 OK

77 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/colormag/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/wp-content/themes/colormag/fontawesome/css/font-awesome.min.css?ver=2.1.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Sep 2022 06:42:03 GMT
content-type: font/woff2
last-modified: Thu, 16 Sep 2021 03:48:25 GMT
accept-ranges: bytes
content-length: 77160
date: Mon, 05 Sep 2022 06:42:03 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ntp.recruitmentdbranlu.in/wp-content/uploads/2021/11/Recruitment-Logo-150x136.jpg

66.29.153.238

200 OK

11 kB

URL HTTP/2
ntp.recruitmentdbranlu.in/wp-content/uploads/2021/11/Recruitment-Logo-150x136.jpg
IP
66.29.153.238:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 150x136, components 3\012- data
Size
11 kB (11303 bytes)
Hash
cea6d4aa88f0197f9dd44013149fc8cc
2894aba11324e1f9f4302ef54e63387cd060ca36
35440146f75cab078e161665ce0eabe33569143eff1f8d6d57443228452d4667

HTTP Headers

GET /wp-content/uploads/2021/11/Recruitment-Logo-150x136.jpg HTTP/1.1
Host: ntp.recruitmentdbranlu.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/category/sumita-arora-c-class-12-book-pdf-download
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=2419200
expires: Mon, 03 Oct 2022 06:42:04 GMT
content-type: image/jpeg
last-modified: Sun, 21 Nov 2021 11:02:16 GMT
accept-ranges: bytes
content-length: 11303
date: Mon, 05 Sep 2022 06:42:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

cdn.ampproject.org/rtv/012208172101000/v0/amp-loader-0.1.mjs

216.58.211.1

200 OK

3.8 kB

URL HTTP/2
cdn.ampproject.org/rtv/012208172101000/v0/amp-loader-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (11977)
Size
3.8 kB (3827 bytes)
Hash
ef78d8c4f149f1ac85fb9535f6ed6fdd
47c23bbd70ac5e1344e737c6e74c9561767e7863
e57d3603d7344da6f7493c56604246c8648885be8a51f3eaf7df26024515d776

HTTP Headers

GET /rtv/012208172101000/v0/amp-loader-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://irctcportal.in
Connection: keep-alive
Referer: https://irctcportal.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 3827
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 01:34:19 GMT
expires: Thu, 31 Aug 2023 01:34:19 GMT
cache-control: public, max-age=31536000
etag: "4b9c01426b5745e7"
content-type: text/javascript; charset=UTF-8
age: 450466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.mjs

216.58.211.1

200 OK

52 kB

URL HTTP/2
cdn.ampproject.org/rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (65526)
Size
52 kB (51911 bytes)
Hash
d968cc7a386e84105b42cec0192912c4
114063720b621f5d677d0e92c46780fefad8a971
e7e0026c68e765ceff9d7defbba3377c64265d9a5873c9777d587d2612a75ed5

HTTP Headers

GET /rtv/012208172101000/v0/amp-ad-network-adsense-impl-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 51911
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 20:32:21 GMT
expires: Wed, 30 Aug 2023 20:32:21 GMT
cache-control: public, max-age=31536000
etag: "aacc4f116879edba"
content-type: text/javascript; charset=UTF-8
age: 468584
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/rtv/012208172101000/v0/amp-analytics-0.1.mjs

216.58.211.1

200 OK

29 kB

URL HTTP/2
cdn.ampproject.org/rtv/012208172101000/v0/amp-analytics-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65534)
Size
29 kB (28859 bytes)
Hash
1623cf38d51d9badad3c454a783345ab
60d4d3e5591f31f0603e8c25606ded8751689a50
3129e458e8979cacad0892c60dc89a7c954557886270b4f2961ddb43015417da

HTTP Headers

GET /rtv/012208172101000/v0/amp-analytics-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://irctcportal.in
Connection: keep-alive
Referer: https://irctcportal.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 28859
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 20:32:12 GMT
expires: Wed, 30 Aug 2023 20:32:12 GMT
cache-control: public, max-age=31536000
etag: "961e32e31b09db03"
content-type: text/javascript; charset=UTF-8
age: 468593
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

puneplasma.in/best-business-centre-spaces-in-chennai/amp/

162.0.215.53

200 OK

8.5 kB

URL HTTP/2
puneplasma.in/best-business-centre-spaces-in-chennai/amp/
IP
162.0.215.53:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6883), with CRLF, LF line terminators
Size
8.5 kB (8491 bytes)
Hash
ba9961052b6769c484bd3ae09806a213
53eeaf3612f71542649ba23a70ab8abc9e70d96a
07c38d58769281522a4f3aa3a942278c29680d13a6a0ddc9bad777b0abefdc20

HTTP Headers

GET /best-business-centre-spaces-in-chennai/amp/ HTTP/1.1
Host: puneplasma.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-ua-compatible: IE=edge
x-pingback: https://puneplasma.in/xmlrpc.php
link: <https://puneplasma.in/wp-json/>; rel="https://api.w.org/", <https://puneplasma.in/wp-json/wp/v2/posts/1028>; rel="alternate"; type="application/json", <https://puneplasma.in/?p=1028>; rel=shortlink
content-type: text/html; charset=utf-8
server-timing: amp_sanitizer;dur="50.1",amp_style_sanitizer;dur="28.3",amp_tag_and_attribute_sanitizer;dur="9.9",amp_optimizer;dur="37.3"
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 06:42:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

adservice.google.com/adsid/integrator.json?domain=irctcportal.in

142.250.74.130

200 OK

83 B

URL HTTP/2
adservice.google.com/adsid/integrator.json?domain=irctcportal.in
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
c4b81d82331aacbf8fcbb2df2a7408b8
be1e8c836d11cf804fe635492e692e78868a87ae
049507f7888e44d57759656fdd254c4a30b5a0f5af405dfa52523abc7cddccfd

HTTP Headers

GET /adsid/integrator.json?domain=irctcportal.in HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irctcportal.in/
Origin: https://irctcportal.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://irctcportal.in
access-control-allow-credentials: true
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Sep 2022 06:42:05 GMT
server: cafe
content-length: 83
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
420a6ffc72857f7132a9065de7c844a9
dee617384561d0790b72f096336b73ade7950579
c98bdc53f1f22291c4b954e9bd5f6432cfe3d5b24e3680b4ada3fc3a696e79d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

adservice.google.com/adsid/integrator.json?domain=bmsicl.in

142.250.74.130

200 OK

83 B

URL HTTP/2
adservice.google.com/adsid/integrator.json?domain=bmsicl.in
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
c4b81d82331aacbf8fcbb2df2a7408b8
be1e8c836d11cf804fe635492e692e78868a87ae
049507f7888e44d57759656fdd254c4a30b5a0f5af405dfa52523abc7cddccfd

HTTP Headers

GET /adsid/integrator.json?domain=bmsicl.in HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bmsicl.in/
Origin: https://bmsicl.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bmsicl.in
access-control-allow-credentials: true
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Mon, 05 Sep 2022 06:42:05 GMT
server: cafe
content-length: 83
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

puneplasma.in/wp-content/uploads/2022/08/error_404.jpg

162.0.215.53

200 OK

7.8 kB

URL HTTP/2
puneplasma.in/wp-content/uploads/2022/08/error_404.jpg
IP
162.0.215.53:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 27x30, components 3\012- data
Size
7.8 kB (7840 bytes)
Hash
d9f3f8cc7a03782a2e05ff564a060de4
51ca38002ffa944892bd5298ff63d9cd56e6525d
945a85908a522fbd70da632af282f08e16157e2793ade4506760912ae4bec697

HTTP Headers

GET /wp-content/uploads/2022/08/error_404.jpg HTTP/1.1
Host: puneplasma.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://puneplasma.in/best-business-centre-spaces-in-chennai/amp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Sep 2022 06:42:05 GMT
content-type: image/jpeg
last-modified: Fri, 19 Aug 2022 09:47:26 GMT
accept-ranges: bytes
content-length: 7840
date: Mon, 05 Sep 2022 06:42:05 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

d-20372996401499540524.ampproject.net/2208172101000/nameframe.html

216.58.211.3

200 OK

269 B

URL HTTP/2
d-20372996401499540524.ampproject.net/2208172101000/nameframe.html
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
139605a73229c192646553d8094cdf7e
7eccab4209782752a44728171231014ee31c20a4
bc67df5bb65d58bd69b249c94994812a46de682ba4d4f98982a76b20cab96abc

HTTP Headers

GET /2208172101000/nameframe.html HTTP/1.1
Host: d-20372996401499540524.ampproject.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irctcportal.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-length: 269
date: Mon, 05 Sep 2022 06:42:05 GMT
expires: Tue, 05 Sep 2023 06:42:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Aug 2022 08:58:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d-10425559192361154705.ampproject.net/2208172101000/nameframe.html

142.250.74.67

200 OK

269 B

URL HTTP/2
d-10425559192361154705.ampproject.net/2208172101000/nameframe.html
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
139605a73229c192646553d8094cdf7e
7eccab4209782752a44728171231014ee31c20a4
bc67df5bb65d58bd69b249c94994812a46de682ba4d4f98982a76b20cab96abc

HTTP Headers

GET /2208172101000/nameframe.html HTTP/1.1
Host: d-10425559192361154705.ampproject.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irctcportal.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-length: 269
date: Mon, 05 Sep 2022 06:42:05 GMT
expires: Tue, 05 Sep 2023 06:42:05 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Aug 2022 08:58:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

irctcportal.in/shri-ramayana-express-booking-2020/amp/

162.0.209.173

200 OK

30 kB

URL HTTP/2
irctcportal.in/shri-ramayana-express-booking-2020/amp/
IP
162.0.209.173:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6883), with CRLF, LF line terminators
Size
30 kB (29935 bytes)
Hash
603d31c751a16e48125f05c81de000f3
5c5b923edf89be46249f6b2a440717d5c5998dfa
10780e25267f8a6b3b68f97fe8ead5fe389c1ce677dad70e7d6e5eb456ca326b

HTTP Headers

GET /shri-ramayana-express-booking-2020/amp/ HTTP/1.1
Host: irctcportal.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
set-cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; secure; HttpOnly
x-litespeed-tag: ad41_HTTP.200
link: <https://irctcportal.in/wp-json/>; rel="https://api.w.org/", <https://irctcportal.in/wp-json/wp/v2/pages/1014>; rel="alternate"; type="application/json", <https://irctcportal.in/?p=1014>; rel=shortlink
content-type: text/html; charset=utf-8
server-timing: amp_sanitizer;dur="71.0",amp_style_sanitizer;dur="42.8",amp_tag_and_attribute_sanitizer;dur="17.3",amp_optimizer;dur="25.3"
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 06:42:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

d-1960130804177126975.ampproject.net/2208172101000/nameframe.html

142.250.74.131

200 OK

269 B

URL HTTP/2
d-1960130804177126975.ampproject.net/2208172101000/nameframe.html
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
139605a73229c192646553d8094cdf7e
7eccab4209782752a44728171231014ee31c20a4
bc67df5bb65d58bd69b249c94994812a46de682ba4d4f98982a76b20cab96abc

HTTP Headers

GET /2208172101000/nameframe.html HTTP/1.1
Host: d-1960130804177126975.ampproject.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irctcportal.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-length: 269
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Tue, 05 Sep 2023 06:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Aug 2022 08:58:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d-33354991353544758728.ampproject.net/2208172101000/nameframe.html

142.250.74.99

200 OK

269 B

URL HTTP/2
d-33354991353544758728.ampproject.net/2208172101000/nameframe.html
IP
142.250.74.99:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
139605a73229c192646553d8094cdf7e
7eccab4209782752a44728171231014ee31c20a4
bc67df5bb65d58bd69b249c94994812a46de682ba4d4f98982a76b20cab96abc

HTTP Headers

GET /2208172101000/nameframe.html HTTP/1.1
Host: d-33354991353544758728.ampproject.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bmsicl.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-length: 269
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Tue, 05 Sep 2023 06:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Aug 2022 08:58:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d-3533551061988271890.ampproject.net/2208172101000/nameframe.html

142.250.74.35

200 OK

269 B

URL HTTP/2
d-3533551061988271890.ampproject.net/2208172101000/nameframe.html
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
139605a73229c192646553d8094cdf7e
7eccab4209782752a44728171231014ee31c20a4
bc67df5bb65d58bd69b249c94994812a46de682ba4d4f98982a76b20cab96abc

HTTP Headers

GET /2208172101000/nameframe.html HTTP/1.1
Host: d-3533551061988271890.ampproject.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://irctcportal.in/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-length: 269
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Tue, 05 Sep 2023 06:42:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 18 Aug 2022 08:58:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/rtv/012208172101000/v0/amp-auto-lightbox-0.1.mjs

216.58.211.1

200 OK

2.8 kB

URL HTTP/2
cdn.ampproject.org/rtv/012208172101000/v0/amp-auto-lightbox-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6993)
Size
2.8 kB (2830 bytes)
Hash
3f9eceefbf2d3fa0c14b8dbf35876655
74b02ed013b4afdbc60d1b2097b5a0edec71bf7e
ba1d34e5d674bf882a40f3a17e3d7f5be91e91231b666ce9e5339fb833a5a7ef

HTTP Headers

GET /rtv/012208172101000/v0/amp-auto-lightbox-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2830
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 18:05:29 GMT
expires: Thu, 31 Aug 2023 18:05:29 GMT
cache-control: public, max-age=31536000
etag: "ac32f87752a11018"
content-type: text/javascript; charset=UTF-8
age: 390997
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/rtv/012208172101000/v0/amp-lightbox-gallery-0.1.mjs

216.58.211.1

200 OK

17 kB

URL HTTP/2
cdn.ampproject.org/rtv/012208172101000/v0/amp-lightbox-gallery-0.1.mjs
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (57243)
Size
17 kB (16825 bytes)
Hash
cc38a25f50932c57cfa928b24045b910
bd9c8abf04af7f1cf860f763d1c00b098e67acad
d88851281fa33dbb09edf670f17102854e2b4d3d0cec1a07495dc23b79eba195

HTTP Headers

GET /rtv/012208172101000/v0/amp-lightbox-gallery-0.1.mjs HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bmsicl.in
Connection: keep-alive
Referer: https://bmsicl.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 16825
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 20:32:55 GMT
expires: Wed, 30 Aug 2023 20:32:55 GMT
cache-control: public, max-age=31536000
etag: "cb17c4d10cad67fd"
content-type: text/javascript; charset=UTF-8
age: 468551
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-31083576561346147039&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53007119&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=7119&dt=1662360121779&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=805&dtd=295&__amp_source_origin=https%3A%2F%2Firctcportal.in

216.58.207.226

200 OK

9.7 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-31083576561346147039&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53007119&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=7119&dt=1662360121779&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=805&dtd=295&__amp_source_origin=https%3A%2F%2Firctcportal.in
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (41525), with no line terminators
Size
9.7 kB (9729 bytes)
Hash
514a08a075594c9bd457f40ddae00270
c99a99737988e7a2fc82103b6a4be627b088dec1
04f3e70786a3f9d4c9285c669d2f6a15d0d562b0c99843158fa96ba3fc24c2bf

HTTP Headers

GET /pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-31083576561346147039&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53007119&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=7119&dt=1662360121779&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Fshri-ramayana-express-booking-2020%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=805&dtd=295&__amp_source_origin=https%3A%2F%2Firctcportal.in HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irctcportal.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 05 Sep 2022 06:42:06 GMT
server: cafe
content-length: 9729
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 06:57:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1637567972215053&format=1140x320&w=1140&h=320&ptt=12&iu=5629337603&adk=1867310277&output=html&bc=7&pv=2&wgl=1&asnt=1-2144588236225289408&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=7386&ga_cid=amp-UwsIFsnRZXOSDTT-Ubkmtw&ga_hid=7386&dt=1662360121624&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=2019&dtd=402&__amp_source_origin=https%3A%2F%2Fbmsicl.in

216.58.207.226

200 OK

9.8 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1637567972215053&format=1140x320&w=1140&h=320&ptt=12&iu=5629337603&adk=1867310277&output=html&bc=7&pv=2&wgl=1&asnt=1-2144588236225289408&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=7386&ga_cid=amp-UwsIFsnRZXOSDTT-Ubkmtw&ga_hid=7386&dt=1662360121624&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=2019&dtd=402&__amp_source_origin=https%3A%2F%2Fbmsicl.in
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (40802), with no line terminators
Size
9.8 kB (9761 bytes)
Hash
16e949376ba0dca3e136e3024c1606db
816b0e0d8ebd6a553b90de7cd46e5a78bcf440e0
e599a7b6570dd5d3b9219604e6ec0c166e8fa88ed598ceb93b2014a25e2c9207

HTTP Headers

GET /pagead/ads?client=ca-pub-1637567972215053&format=1140x320&w=1140&h=320&ptt=12&iu=5629337603&adk=1867310277&output=html&bc=7&pv=2&wgl=1&asnt=1-2144588236225289408&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=7386&ga_cid=amp-UwsIFsnRZXOSDTT-Ubkmtw&ga_hid=7386&dt=1662360121624&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fbmsicl.in%2Fsaraswati-health-and-physical-education-class-11-pdf%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=2019&dtd=402&__amp_source_origin=https%3A%2F%2Fbmsicl.in HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bmsicl.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 05 Sep 2022 06:42:06 GMT
server: cafe
content-length: 9761
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 06:57:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private
X-Firefox-Spdy: h2

cdn.ampproject.org/v0/amp-ad-exit-0.1.js

216.58.211.1

200 OK

6.6 kB

URL HTTP/2
cdn.ampproject.org/v0/amp-ad-exit-0.1.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19342)
Size
6.6 kB (6624 bytes)
Hash
f94cc8882fa6a1f0bef0b400b7837375
ccd9def472d031c9e0abbd414120a202facb7750
3b03bd382468adc1d06602655a71c5693b80b693c0385a586e894d44028e47a9

HTTP Headers

GET /v0/amp-ad-exit-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 6624
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "b7fca7ab01c7d1e4"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/v0/amp-analytics-0.1.js

216.58.211.1

200 OK

32 kB

URL HTTP/2
cdn.ampproject.org/v0/amp-analytics-0.1.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (65534)
Size
32 kB (31988 bytes)
Hash
ac94e7c47eb452f6b52a77a47f25f846
a49d51f17c43e70881efe1aec2c32fa82261f745
fb4408af75a510ef98d191bc3d4873149207da6a6e73f318a833d9c47cb270dd

HTTP Headers

GET /v0/amp-analytics-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 31988
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "d9a9282eb176ac2c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/v0/amp-form-0.1.js

216.58.211.1

200 OK

15 kB

URL HTTP/2
cdn.ampproject.org/v0/amp-form-0.1.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (50557)
Size
15 kB (14975 bytes)
Hash
0cd0f860f3a5deb0fa7fdbdbba8a11ae
98084c2c74e31c2ea660fc041dd06fa494eaf96c
02a24dd6ab8ec5b2fece8d47d029bb8709a2164d93aecd928407aea5cc3f213c

HTTP Headers

GET /v0/amp-form-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 14975
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "108063ba83b44e36"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/v0/amp-fit-text-0.1.js

216.58.211.1

200 OK

2.5 kB

URL HTTP/2
cdn.ampproject.org/v0/amp-fit-text-0.1.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (6888)
Size
2.5 kB (2519 bytes)
Hash
1384de379be78d4bb0a861f32887bc44
07cb6c169835ea964e2d30b2d707982873166bee
e850823b298df7561c5403b8de2a9228514b3fa5005c799377bc1bc452d81578

HTTP Headers

GET /v0/amp-fit-text-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 2519
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "66f260a4120f0c6d"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-15396765661912088350&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53002425&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=2425&dt=1662360121724&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=752&dtd=328&__amp_source_origin=https%3A%2F%2Firctcportal.in

216.58.207.226

200 OK

11 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-15396765661912088350&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53002425&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=2425&dt=1662360121724&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=752&dtd=328&__amp_source_origin=https%3A%2F%2Firctcportal.in
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48664), with no line terminators
Size
11 kB (10879 bytes)
Hash
9f7f6d9e4955708fcbddf563696f7204
eaac72a6b9db06be3c41ac37829bcc8c70d73265
5edb30a3e23f68ca7acc3d3bdf40cb3a356005d98b575939dd98507573eb5f38

HTTP Headers

GET /pagead/ads?client=ca-pub-5273741901806262&format=1140x320&w=1140&h=320&ptt=12&iu=1959935732&adk=253608770&output=html&bc=7&pv=2&wgl=1&asnt=1-15396765661912088350&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1140%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53002425&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=2425&dt=1662360121724&biw=1140&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1140&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Ftatkal-timing-2021%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=752&dtd=328&__amp_source_origin=https%3A%2F%2Firctcportal.in HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irctcportal.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 05 Sep 2022 06:42:06 GMT
server: cafe
content-length: 10879
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 06:57:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

142.250.74.163

200 OK

28 kB

URL HTTP/2
fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 28288, version 1.0\012- data
Size
28 kB (28288 bytes)
Hash
53b5e785dfdca21fa7adf7119fa1f8cc
a3a86dfd216ad29183ba5493ae39d45b62f9d8b8
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

HTTP Headers

GET /s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://googleads.g.doubleclick.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 28288
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 20:35:24 GMT
expires: Thu, 31 Aug 2023 20:35:24 GMT
cache-control: public, max-age=31536000
age: 382002
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
dfaec7e928dc91512abd43c1353ef09d
dcf5ef29c6eafd834a4c73f178a1be3f6135fb85
a03cbd7e7aa5dda4f5ef6eaf65a3281faaea63674775551ee9a9b62cf380a793

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

tpc.googlesyndication.com/simgad/13804661530389521496/downsize_200k_v1?w=1200&h=628

142.250.74.33

200 OK

102 kB

URL HTTP/2
tpc.googlesyndication.com/simgad/13804661530389521496/downsize_200k_v1?w=1200&h=628
IP
142.250.74.33:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x628, components 3\012- data
Size
102 kB (101888 bytes)
Hash
136f30dc5587cd46fd7c2224da8d0f5e
7143dbcf335d210ff427b384bca5625c4a81912b
c86cb60593eddc3ac22aa75987e4024e40d60bb14a7a4d70e48c1c4732639f60

HTTP Headers

GET /simgad/13804661530389521496/downsize_200k_v1?w=1200&h=628 HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 101888
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 10:37:12 GMT
expires: Sat, 02 Sep 2023 10:37:12 GMT
cache-control: public, max-age=31536000
age: 245094
last-modified: Fri, 01 Jul 2022 09:55:48 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1268x320&w=1268&h=320&ptt=12&iu=1959935732&adk=3389816043&output=html&bc=7&pv=2&wgl=1&asnt=1-28399090372535540639&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53006089&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=6089&dt=1662360121662&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=1792&dtd=372&__amp_source_origin=https%3A%2F%2Firctcportal.in

216.58.207.226

200 OK

9.2 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5273741901806262&format=1268x320&w=1268&h=320&ptt=12&iu=1959935732&adk=3389816043&output=html&bc=7&pv=2&wgl=1&asnt=1-28399090372535540639&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53006089&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=6089&dt=1662360121662&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=1792&dtd=372&__amp_source_origin=https%3A%2F%2Firctcportal.in
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (36123), with no line terminators
Size
9.2 kB (9174 bytes)
Hash
9ab602e929effb31356c828ee2130d19
5de88e3c2ff210f82c0fafb43891abbb9e558173
81fca792f4362ac910961df7fb7b252acd9000c411bbc20857eccf85c6c58de3

HTTP Headers

GET /pagead/ads?client=ca-pub-5273741901806262&format=1268x320&w=1268&h=320&ptt=12&iu=1959935732&adk=3389816043&output=html&bc=7&pv=2&wgl=1&asnt=1-28399090372535540639&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=53006089&ga_cid=amp-QAdzmFh0oFWeiWEcP53rjA&ga_hid=6089&dt=1662360121662&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Firctcportal.in%2Findian-railway-map%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=1792&dtd=372&__amp_source_origin=https%3A%2F%2Firctcportal.in HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://irctcportal.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 05 Sep 2022 06:42:07 GMT
server: cafe
content-length: 9174
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 06:57:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Sep 2022 06:42:07 GMT
cache-control: private
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4583804046327930&format=1268x320&w=1268&h=320&ptt=12&iu=4003634748&adk=3651343051&output=html&bc=7&pv=2&wgl=1&asnt=1-29625846923699878163&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=3005265&ga_cid=amp-jKWpjPInyJToeHyllZSk3A&ga_hid=5265&dt=1662360122258&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=771&dtd=46&__amp_source_origin=https%3A%2F%2Fpuneplasma.in

216.58.207.226

200 OK

3.0 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4583804046327930&format=1268x320&w=1268&h=320&ptt=12&iu=4003634748&adk=3651343051&output=html&bc=7&pv=2&wgl=1&asnt=1-29625846923699878163&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=3005265&ga_cid=amp-jKWpjPInyJToeHyllZSk3A&ga_hid=5265&dt=1662360122258&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=771&dtd=46&__amp_source_origin=https%3A%2F%2Fpuneplasma.in
IP
216.58.207.226:0
ASN
#15169 GOOGLE

File type
data
Size
3.0 kB (3013 bytes)
Hash
0e7e2001eec64ddce91b544f6a6ce07b
b1453148e8bd69c4ad7e6fc20635509db56ab754
0adaf07c3608ba06fa627456e4937f447c1d0223c1c6e28cf28efd5414189282

HTTP Headers

GET /pagead/ads?client=ca-pub-4583804046327930&format=1268x320&w=1268&h=320&ptt=12&iu=4003634748&adk=3651343051&output=html&bc=7&pv=2&wgl=1&asnt=1-29625846923699878163&dff=Georgia%2C%20%22Times%20New%20Roman%22%2C%20Times%2C%20serif&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C1268%2C320&ifi=1&pfx=0&adf=2438287650&nhd=1&adx=0&ady=0&oid=2&is_amp=5&amp_v=2208172101000&d_imp=1&c=3005265&ga_cid=amp-jKWpjPInyJToeHyllZSk3A&ga_hid=5265&dt=1662360122258&biw=1268&bih=320&u_aw=1280&u_ah=1002&u_cd=24&u_w=1280&u_h=1024&u_tz=0&u_his=1&isw=1268&ish=320&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2F&top=ntp.recruitmentdbranlu.in&loc=https%3A%2F%2Fpuneplasma.in%2Fbest-business-centre-spaces-in-chennai%2Famp%2F&ref=https%3A%2F%2Fntp.recruitmentdbranlu.in%2F&bdt=771&dtd=46&__amp_source_origin=https%3A%2F%2Fpuneplasma.in HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://puneplasma.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 05 Sep 2022 06:42:06 GMT
server: cafe
content-length: 9734
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Sep-2022 06:57:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e55281415ad2c89f8e871f59400c8dc1
bc7ca4131f13d89604161eb0641352670c28c033
1e9c57dbee44db8c9aab44449f9f0cb502a6d9f6473de439daf26414d0d2517a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Sep 2022 06:42:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/drt/ui

142.250.74.164

302 Found

0 B

URL HTTP/2
www.google.com/pagead/drt/ui
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pagead/drt/ui HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 05 Sep 2022 06:42:07 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7830 bytes)
Hash
290f6551c5ac539ea60810b135750f17
3633391a8dd87ef10fcb0d04d7b309738affc4a7
d94d133faaf232cf15b5c3f38f5b45d87d70bce0668d607b5c66a8d3f836540f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F69b1e092-41e6-4f1e-b330-193f7dd11afc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7830
x-amzn-requestid: c56af3b5-2c48-4243-b220-d56a9be47990
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X9Ey3H4JoAMFiMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63151b45-23ec24d867e3e5906fffa1a6;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fpKQlxOtyRwaZk2FUf11J62jlqcAvXgOQT-ipFQm6qW-dMHyXaEnNg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Sep 2022 21:49:31 GMT
age: 31956
etag: "3633391a8dd87ef10fcb0d04d7b309738affc4a7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpfqfJemR-cly6QAzj0l975xUYMRjd0LCXdlRwotdqxI4fKIUjTrtmq8RbXWyIiV0ZagMnfhOlu6B4DgVxgqEEByI7-7ZbI6R9MS6_wHX4mm8iRGRUIZMfJBGQejrc85mZ6buRNw&sai=AMfl-YTT--mTV-Y0NWmvbegekX0ZqnvZ6eyz4Lt4EDZR2p6DcQC84use2of1BJUaEIL047POzWd-xof0e05p&sig=Cg0ArKJSzLrPxYaq7BL3EAE&id=ampim&o=0,0&d=1140,320&ss=1280,1024&bs=1140,320&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=1273&tls=2274&g=94.96875&h=94.96875&tt=2274&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=253608770

142.250.74.130

200 OK

42 B

URL HTTP/2
pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpfqfJemR-cly6QAzj0l975xUYMRjd0LCXdlRwotdqxI4fKIUjTrtmq8RbXWyIiV0ZagMnfhOlu6B4DgVxgqEEByI7-7ZbI6R9MS6_wHX4mm8iRGRUIZMfJBGQejrc85mZ6buRNw&sai=AMfl-YTT--mTV-Y0NWmvbegekX0ZqnvZ6eyz4Lt4EDZR2p6DcQC84use2of1BJUaEIL047POzWd-xof0e05p&sig=Cg0ArKJSzLrPxYaq7BL3EAE&id=ampim&o=0,0&d=1140,320&ss=1280,1024&bs=1140,320&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=1273&tls=2274&g=94.96875&h=94.96875&tt=2274&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=253608770
IP
142.250.74.130:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pcs/activeview?xai=AKAOjstpfqfJemR-cly6QAzj0l975xUYMRjd0LCXdlRwotdqxI4fKIUjTrtmq8RbXWyIiV0ZagMnfhOlu6B4DgVxgqEEByI7-7ZbI6R9MS6_wHX4mm8iRGRUIZMfJBGQejrc85mZ6buRNw&sai=AMfl-YTT--mTV-Y0NWmvbegekX0ZqnvZ6eyz4Lt4EDZR2p6DcQC84use2of1BJUaEIL047POzWd-xof0e05p&sig=Cg0ArKJSzLrPxYaq7BL3EAE&id=ampim&o=0,0&d=1140,320&ss=1280,1024&bs=1140,320&mcvt=1001&mtos=0,0,0,1001,1001&tos=0,0,0,1001,0&tfs=1273&tls=2274&g=94.96875&h=94.96875&tt=2274&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=&uaw=&adk=253608770 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: image/gif
date: Mon, 05 Sep 2022 06:42:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

securepubads.g.doubleclick.net/tag/js/gpt.js

142.250.74.66

200 OK

0 B

URL HTTP/2
securepubads.g.doubleclick.net/tag/js/gpt.js
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: object
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 28557
date: Mon, 05 Sep 2022 06:42:04 GMT
expires: Mon, 05 Sep 2022 06:42:04 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1324 / 923 of 1000 / last-modified: 1662156382"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans%3A400%2C600&1&display=swap&ver=2.1.0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ntp.recruitmentdbranlu.in
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Sep 2022 06:42:01 GMT
date: Mon, 05 Sep 2022 06:42:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.ampproject.org/amp4ads-v0.js

216.58.211.1

200 OK

0 B

URL HTTP/2
cdn.ampproject.org/amp4ads-v0.js
IP
216.58.211.1:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /amp4ads-v0.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://googleads.g.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 69345
date: Mon, 05 Sep 2022 06:42:06 GMT
expires: Mon, 05 Sep 2022 06:42:06 GMT
cache-control: private, max-age=3000, stale-while-revalidate=1206600
etag: "69a5ead8ab96160c"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

irctcportal.in/tatkal-timing-2021/amp/

162.0.209.173

200 OK

0 B

URL HTTP/2
irctcportal.in/tatkal-timing-2021/amp/
IP
162.0.209.173:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tatkal-timing-2021/amp/ HTTP/1.1
Host: irctcportal.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ntp.recruitmentdbranlu.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
set-cookie: __wpdm_client=c11170dca089cc3d7eb6d01a7f1a1068; secure; HttpOnly
x-litespeed-tag: ad41_HTTP.200
link: <https://irctcportal.in/wp-json/>; rel="https://api.w.org/", <https://irctcportal.in/wp-json/wp/v2/pages/4008>; rel="alternate"; type="application/json", <https://irctcportal.in/?p=4008>; rel=shortlink
content-type: text/html; charset=utf-8
server-timing: amp_sanitizer;dur="38.6",amp_style_sanitizer;dur="24.4",amp_tag_and_attribute_sanitizer;dur="7.3",amp_optimizer;dur="13.5"
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Sep 2022 06:42:04 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (73)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations