r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14586
Expires: Sat, 03 Dec 2022 21:57:14 GMT
Date: Sat, 03 Dec 2022 17:54:08 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4330
Cache-Control: max-age=150554
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:43:22 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 17:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2048
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11257
Expires: Sat, 03 Dec 2022 21:01:45 GMT
Date: Sat, 03 Dec 2022 17:54:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d2DFy1j1MsQbZkbQAvuZQWdQILEOXlG2ByRPhjUe+znjf6ycrQ8FcmbkoQrtfznpuI9EN70xlRY=
x-amz-request-id: YYXX0N0PVEKNS3CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 17:46:39 GMT
age: 449
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 17:54:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146 200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=45936
date: Sat, 03 Dec 2022 17:54:08 GMT
X-Firefox-Spdy: h2
siteimproveanalytics.com/js/siteanalyze_6015663.js
172.64.173.12 200 OK 13 kB URL HTTP/1.1 siteimproveanalytics.com/js/siteanalyze_6015663.js
IP 172.64.173.12:0
File type Unicode text, UTF-8 text, with very long lines (46126), with no line terminators
Hash 8d34b09483a348aee12efa3ac53237d1
7da6ecc2b915b04cffaa8cce4729f045b14928fa
3eaff7010e8f409a2c3eb1bb86608c66191110f22d6d9ae427fbae37c028db07
GET /js/siteanalyze_6015663.js HTTP/1.1
Host: siteimproveanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:08 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 13074
Connection: keep-alive
x-amz-id-2: 72V1ohCSbsvYt2+8+8Au2X8Ob5UuldbWhg8vRwA4MelOPeL6ULuVnMYvbCYcvavmCMGmVPhcp30=
x-amz-request-id: NZQ820RZ3A0GMF5E
Cache-Control: max-age=86400, no-transform
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 10:21:56 GMT
ETag: "8d34b09483a348aee12efa3ac53237d1"
CF-Cache-Status: HIT
Age: 3854
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSvISJUiQ0AOY6QQ2imLRkRe8fW1qAP%2BmK%2FqcxjHr7LYR%2BKrw44whffmFzoduNXxdRopxuk4WJy2senHFq733h6%2FMhgkJq6ZxlarKFpYDRFz%2BJ2Y2laYYJjRuLSo%2FWxb37x53BKlc69z7QQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773e2a744b6e71e6-LHR
alt-svc: h2=":443"; ma=60
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:08 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
151.101.1.229 200 OK 542 B URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/assets/fonts.css
IP 151.101.1.229:0
Hash b24719d55767c669113336d8c684644d
24067e2371e11e36586528918e5c7adb7356edb9
ff84dceacce38a1a37e28e25757da04eec677c08070213f46fa0384c375ca2e7
GET /npm/@posten/hedwig@11/assets/fonts.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"855-mRW2/GJzwxRji+sy+ksrjfYsJnE"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 17:54:08 GMT
age: 31094
x-served-by: cache-fra19167-FRA, cache-bma1663-BMA
x-cache: MISS, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 542
X-Firefox-Spdy: h2
in.taskanalytics.com/00012/tm.js?r=&1595299259698
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1623121013638
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1623121013638
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1623121013638 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1623121014145
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1623121014145
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1623121014145 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
151.101.1.229 200 OK 29 kB URL HTTP/2 cdn.jsdelivr.net/npm/@posten/hedwig@11/dist/posten.css
IP 151.101.1.229:0
File type Unicode text, UTF-8 text, with very long lines (54670)
Hash cab4a25d88a7f23bbe46846ffc169ace
d470188177492d7ce663c298301c852a9cfbde59
6971be30d85421291f18493ae6d84494f4fc9cd42d194aefd7197031f730cbe7
GET /npm/@posten/hedwig@11/dist/posten.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 11.9.5
x-jsd-version-type: version
etag: W/"35ae7-VIUJ2giFc9+RlRgcbyfbUh4mbO8"
content-encoding: gzip
accept-ranges: bytes
date: Sat, 03 Dec 2022 17:54:08 GMT
age: 23346
x-served-by: cache-fra-eddf8230074-FRA, cache-bma1663-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 29077
X-Firefox-Spdy: h2
in.taskanalytics.com/00012/tm.js?r=&1623121013630
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1623121013630
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1623121013630 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259862
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1623121013633
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1623121013633
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1623121013633 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php?
142.250.74.70 200 OK 414 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (608), with no line terminators
Hash 415c77e688fc5d3f78964820de6e797d
0ee369806020b01a4f0030d126ea0669d0e549a1
a7934ecd043ce8d241dacdf0f4a99672e45e377f5b7130d3638af59e5dea9991
GET /activityi;src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:08 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 414
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595299259690
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061872
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061723
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595285185398
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:08 GMT
Via: 1.1 vegur
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 96994856877cac1606661c053a8c747e
6a5aebc3b58ff0576779f57b2ec6b2dac990338c
b02cc92be3a0900e795d72e9e0065a879d98866f0f45a8065b152dcf1ea58c9e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:08 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "34B801BC303562C51329409A067ED3E5A5A53AFA"
Expires: Sun, 04 Dec 2022 04:00:00 GMT
Last-Modified: Sat, 03 Dec 2022 16:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3593
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773e2a751af3b524-OSL
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tienda.correos.es/css/common-dynamic.css
94.23.87.92 200 OK 717 B URL HTTP/1.1 tienda.correos.es/css/common-dynamic.css
IP 94.23.87.92:0
File type ASCII text, with CRLF line terminators
Hash 45bca144e962bb998d9d807e54e521c3
63beb9c869ed56068010f501fde069d8e02164d7
31dda737e3779db2e9efd81ab860e724f61738acce5b10558cb6c56c76daf544
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /css/common-dynamic.css HTTP/1.1
Host: tienda.correos.es
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: server
Date: Sat, 03 Dec 2022 17:54:08 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Backend: 1
Content-Encoding: gzip
X-IPLB-Request-ID: 5B5A2A9A:C86C_5E17575C:01BB_638B8D40_6ACFF:1251D
X-IPLB-Instance: 35326
Set-Cookie: SERVERID139651=c80001a3|Y4uNQ|Y4uNQ; path=/; HttpOnly
Cache-control: private
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.170 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.170:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 17:04:03 GMT
expires: Sat, 03 Dec 2022 18:04:03 GMT
cache-control: public, max-age=3600
age: 3005
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-9852050&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b09f7f303d4768fbb98622f51247f5c0
fd766916830ace183e5bb06635676b5974131dfe
e9fdd1a0eea73d6b82e00b30a4d3a20e565bce2a15685a2b838788decd94abbc
GET /gtag/js?id=DC-9852050&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:54:08 GMT
expires: Sat, 03 Dec 2022 17:54:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44152
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (23428)
Hash 1acf5aa522c82ac96d6fa65fae948d84
59fb4e98b8b57bad3372d4df5cb979cce361183f
0595862df12d8c5e571ebcb7e4757a9597373824db415033377b7f6ea5679e7c
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://webbhaarti.in/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:54:08 GMT
expires: Sat, 03 Dec 2022 17:54:08 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76645
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
176.31.233.37 200 OK 3.3 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/css/validationEngine.jquery.css?v=2019.12.17
IP 176.31.233.37:0
File type ASCII text, with CRLF line terminators
Hash a8935f51f8ca663bf3a18d4b1da31bf7
6f2e6f9c21ced7020e6d8c73c2e8ad71d797aa9d
cd363d0f8425d6b271c14ee5d6a8d693c3aa1323b64979b69c69d26661927303
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /static/shop/common/css/validationEngine.jquery.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:08 GMT
content-type: text/css
content-length: 3334
last-modified: Thu, 18 Oct 2018 11:43:12 GMT
etag: "5bc871d0-d06"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:08 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
176.31.233.37 200 OK 1.2 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17
IP 176.31.233.37:0
Hash e8b5e4d5eb0df11eb339ba959520b978
24777a5efa576aec4026ff30bcf4fd6ecd81b003
2650ffdcb2bf4147d062825fee353bd86e80c1f1c22c0b29ea856fdd3213e0a3
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /static/shop/common/fonts/flaticon/flaticon.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:08 GMT
content-type: text/css
content-length: 1210
last-modified: Tue, 27 Aug 2019 11:07:48 GMT
etag: "5d650f04-4ba"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:08 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webbhaarti.in/mailer/posten/manage/file/new-style.css
192.185.129.233 200 OK 15 kB URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/new-style.css
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash 287c4bbb5287abe233a7fb4a4f24296a
b7720982dc666a8224bb33edf9ce9192ad1f2eef
1572caeb735d363e28f22773782f1d95e6dcfe0078c1729b14638998adbf6dd9
GET /mailer/posten/manage/file/new-style.css HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:08 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 08 Jun 2021 00:17:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14822
Content-Type: text/css
webbhaarti.in/mailer/posten/manage/file/f.txt
192.185.129.233 200 OK 14 kB URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/f.txt
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1994)
Hash f77547e2b905fde29b5afa1927834ea5
be66ea81ab3f729c3f7e87e15dda48abb9211535
cd988a722db4feefd43b0ccea6b5fc744e94b4b804516e7bee3f5d5a850342e5
Analyzer Verdict Alert fortinet Phishing
GET /mailer/posten/manage/file/f.txt HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:05 GMT
Server: nginx/1.21.6
Content-Type: text/plain
Content-Length: 13491
Last-Modified: Tue, 08 Jun 2021 00:17:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT
Accept-Ranges: bytes
webbhaarti.in/mailer/posten/manage/file/1.txt
192.185.129.233 200 OK 198 B URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/1.txt
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with no line terminators
Hash e8eb78614cd69ba5458449ee67661a79
415d4f5c96e7fd519a5c16343b16507bd0ddd9dc
b3256232be85e192b3f6ad9276d3aa22c01e36fdcdf424cde262134bb60d8e24
Analyzer Verdict Alert urlquery Phishing - Posten Norge
fortinet Phishing
GET /mailer/posten/manage/file/1.txt HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:05 GMT
Server: nginx/1.21.6
Content-Type: text/plain
Content-Length: 198
Last-Modified: Tue, 08 Jun 2021 00:17:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT
Accept-Ranges: bytes
webbhaarti.in/mailer/posten/manage/file/1(1).txt
192.185.129.233 200 OK 811 B URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/1(1).txt
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1529), with no line terminators
Hash ad5e42e75805f8b897d81d944f3d9a60
ccf3b1f6beb46d20f36b273981d19ff079045959
ce14e4d5d04fb7b788ecbf0833b657262eb7e061378d7cd9ca9e766cc8efa2f5
Analyzer Verdict Alert fortinet Phishing
GET /mailer/posten/manage/file/1(1).txt HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:05 GMT
Server: nginx/1.21.6
Content-Type: text/plain
Content-Length: 811
Last-Modified: Tue, 08 Jun 2021 00:17:24 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT
Accept-Ranges: bytes
webbhaarti.in/mailer/posten/manage/
192.185.129.233 200 OK 161 kB URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (4648)
Size 161 kB (160629 bytes)
Hash 18171156880e697eaaf98eba01557ffd
89fedf76c123f80abd3f455d7814752fe488f252
83c9674583b556df71468ce958e6a8e543f30c8d5beec08572f71ba18768f8f4
Analyzer Verdict Alert openphish Posten Norge
fortinet Phishing
GET /mailer/posten/manage/ HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:05 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: true
X-Proxy-Cache: HIT
Transfer-Encoding: chunked
cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
176.31.233.37 200 OK 2.4 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq-72-mini.png
IP 176.31.233.37:0
File type PNG image data, 175 x 30, 8-bit/color RGBA, interlaced\012- data
Hash ad8f5552abb3d774a9c23cf3b0c9272b
4fc71ddac34c0b7438effc6883956ba2149a6a0c
984461e2d55896f29bb79d75b8ab42c1f8c4111bd2fb0c5f03dbc50d1b24b894
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /static/logos/correos-paq-72-mini.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:09 GMT
content-type: image/png
content-length: 2373
last-modified: Mon, 10 May 2021 14:53:58 GMT
etag: "60994906-945"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:09 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/logos/correos-paq72.png
176.31.233.37 200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/logos/correos-paq72.png
IP 176.31.233.37:0
File type PNG image data, 128 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 567c7f32c85fe6ca5625f95403eb05e9
ef5da723f8b205d4f75bcb2b63b6e948fa25f330
5d2fb215dbbcbfd1bd663a0cdeaf31c63abde8c6f20aa63551733ebc498bf605
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /static/logos/correos-paq72.png HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:09 GMT
content-type: image/png
content-length: 1976
last-modified: Mon, 28 Dec 2020 12:06:56 GMT
etag: "5fe9ca60-7b8"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:09 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php
172.217.21.162 200 OK 288 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php
IP 172.217.21.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (607), with no line terminators
Hash 47d159eaf212360cf34c2d50c81f335b
29fe300eb3bea36a5027929a3b56b3dde7283131
fc1ef109df28824692bc47445de99ca8a5638b11abc71e57a927d731f372ee6f
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://8260928.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:09 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 288
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
176.31.233.37 200 OK 29 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17
IP 176.31.233.37:0
Hash 48ad55358c656c274a90263fc24c216e
6599b17dff4f79a78d5804463ea560093e5ce26e
5abeaea2ecf91cc2644e7734cd8be5915068ea6e2ac9717db86851d41022b302
GET /static/shop/common/bundle/bootstrap-4.1.0/css/bootstrap.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:08 GMT
content-type: text/css
last-modified: Thu, 18 Oct 2018 11:43:18 GMT
vary: Accept-Encoding
etag: W/"5bc871d6-22485"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:08 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
webbhaarti.in/_/asset/no.posten.website:1594301215/css/postenstyle.css
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
webbhaarti.in/_/asset/no.posten.website:1594301215/js/chatbot.js
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
webbhaarti.in/_/asset/no.posten.website:1594301215/js/bundle.js
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/js/bundle.js
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
in.taskanalytics.com/00012/tm.js?r=&1595299259690
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259690
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259690 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259862
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259862
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259862 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595299259698
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595299259698
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595299259698 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php
142.250.74.66 200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=8260928;type=global;cat=postengl;ord=1922311046310;gtm=2wg621;auiddc=749134256.1623120281;u1=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php;u2=app;u3=Http-posten;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=https%3A%2F%2Fwipahs.com%2Fapp%2FHttp%2Fposten%2Fmanage%2Findex.php HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:09 GMT
expires: Sat, 03 Dec 2022 17:54:09 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
webbhaarti.in/mailer/posten/manage/file/js
192.185.129.233 200 OK 86 kB URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/js
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1578)
Hash 104e07e0e93bf6709dfd128626ae22c1
bc4f6f38b6331802f3768e92f71c51fe9122c374
6a8e46cbefc58dbc1b2f11902814d141b0c76200257c9144c5b0a025e535aa4e
Analyzer Verdict Alert urlquery Phishing - Posten Norge
fortinet Phishing
GET /mailer/posten/manage/file/js HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 17:54:05 GMT
Server: nginx/1.21.6
Content-Length: 85977
Last-Modified: Tue, 08 Jun 2021 00:17:24 GMT
X-Server-Cache: true
X-Proxy-Cache: HIT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d177680f261fa0b5bf3d5ae3ed69af85
96cdc11262db0a9531fe0cd00e908f3e824c89b3
08eac8282cf4566d382816edac93db8581b65dc2898fc7ea80d7424224ed29ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash b42c541013b5b7e9fe202d4b05352891
42a5953c1c03c7286d724149068908da6df26697
73eb04f501fcecab2579a8d508b6b7e8b72d4c85f1f905d60b58685f5ec568d4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140926
Date: Sat, 03 Dec 2022 17:54:09 GMT
Etag: "638b0933-1d7"
Expires: Mon, 05 Dec 2022 09:02:55 GMT
Last-Modified: Sat, 03 Dec 2022 08:30:43 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Mw2m514O6AJ-1eB6gOY67ckapKXAGW53apQS8uyOs-8n3RvVtSApeA==
Age: 1932
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595293061872
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061872
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061872 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1595293061723
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595293061723
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595293061723 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
push.services.mozilla.com/
52.41.252.32 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xnYKSKbdOC8CoJujqlGBFg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2Qe/VrSsTOR7/2gTropXAaHg1Zk=
webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /mailer/posten/manage/file/moatframe.js.t%C3%A9l%C3%A9chargement HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:09 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1595285185398
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1595285185398
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1595285185398 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:09 GMT
Via: 1.1 vegur
webbhaarti.in/_/asset/no.posten.website:1594301215/css/postenstyle.css
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/css/postenstyle.css
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_/asset/no.posten.website:1594301215/css/postenstyle.css HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:09 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
www.googletagmanager.com/gtm.js?id=GTM-M83DX4
142.250.74.168 302 Found 250 B URL HTTP/1.1 www.googletagmanager.com/gtm.js?id=GTM-M83DX4
IP 142.250.74.168:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1373afd5f63dc37d3b1e0cd4a9857230
c6f8ae3f09ce337c9e491f0946bdfe8eab86188a
989490b30a61855760b9f74412798e09385461c1f5f07e630d5fa943bc27a47e
GET /gtm.js?id=GTM-M83DX4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 302 Found
Location: https://www.googletagmanager.com/gtm.js?id=GTM-M83DX4
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:10 GMT
Content-Type: text/html; charset=UTF-8
Server: Google Tag Manager
Content-Length: 250
X-XSS-Protection: 0
in.taskanalytics.com/00012/tm.js?r=&1670090047893
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1670090047893
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1670090047893 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:10 GMT
Via: 1.1 vegur
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
176.31.233.37 200 OK 2.0 kB URL HTTP/2 cdn.mycomandia.com/static/shop/common/fonts/flaticon/Flaticon.woff2
IP 176.31.233.37:0
File type Web Open Font Format (Version 2), TrueType, length 2024, version 1.0\012- data
Hash c1b7ca92614b5e76d59b8b467f1d8dd9
6ada3f43e5b4ec1a77383f2af00dd2b3c990af5c
a92c73eb3e53032a9846ca27c2c579b424b45a893ac814288954762e878b5e1b
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /static/shop/common/fonts/flaticon/Flaticon.woff2 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://webbhaarti.in
Connection: keep-alive
Referer: https://cdn.mycomandia.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:10 GMT
content-type: application/octet-stream
content-length: 2024
last-modified: Tue, 27 Aug 2019 11:07:46 GMT
etag: "5d650f02-7e8"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:10 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=2024107037906;gtm=2wgbu0;auiddc=1643497107.1670090048;u1=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F;u2=mailer;u3=posten-manage;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F?
142.250.74.70 200 OK 281 B URL HTTP/2 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=2024107037906;gtm=2wgbu0;auiddc=1643497107.1670090048;u1=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F;u2=mailer;u3=posten-manage;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (592), with no line terminators
Hash d35e849f1fe992669b71f8b4e4458d00
ea56220aa371530e8a61b9cc9bca9f1b598bd668
ef9118a6789f82ca7eb6557a9aa44794f8fbd800e50bb11b318fab4a48efadca
GET /activityi;src=8260928;type=global;cat=postengl;ord=2024107037906;gtm=2wgbu0;auiddc=1643497107.1670090048;u1=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F;u2=mailer;u3=posten-manage;u4=rekkef%C3%B8lge%20Post-no;u5=;~oref=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:10 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 281
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 18:09:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash abd901450af1f5a00362f62b995d3a71
9a59bc910b83700d486d9a84341d6f1e0e876dcb
696bde2c7ab8c26b95e7625bfa8a801f5adbbed1272ccdccec0b5cb447af6471
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
webbhaarti.in/_/asset/no.posten.website:1594301215/js/bundle.js
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/js/bundle.js
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/bundle.js HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
Cookie: _gcl_au=1.1.1643497107.1670090048
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sat, 03 Dec 2022 18:52:32 GMT
Date: Sat, 03 Dec 2022 17:54:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sat, 03 Dec 2022 18:52:32 GMT
Date: Sat, 03 Dec 2022 17:54:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sat, 03 Dec 2022 18:52:32 GMT
Date: Sat, 03 Dec 2022 17:54:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3502
Expires: Sat, 03 Dec 2022 18:52:32 GMT
Date: Sat, 03 Dec 2022 17:54:10 GMT
Connection: keep-alive
posten.boost.ai/chatPanel/chatPanel.js
34.243.197.63 200 OK 219 kB URL HTTP/2 posten.boost.ai/chatPanel/chatPanel.js
IP 34.243.197.63:0
Size 219 kB (219172 bytes)
Hash e668df66674fa8a2e3d3478b976cc91e
ff4648c6d2797cea6514bc3614eae5ea922f0ee3
95cf46758c74cb4c7865c48a5303ad12a0d6daacebc83ac3d51247bd9d130a5f
GET /chatPanel/chatPanel.js HTTP/1.1
Host: posten.boost.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:09 GMT
content-type: application/javascript
server: Apache
access-control-allow-methods: POST, GET, OPTIONS
strict-transport-security: max-age=94608000; includeSubDomains
access-control-allow-credentials: true
vary: Origin,Accept-Encoding
last-modified: Wed, 30 Nov 2022 13:46:53 GMT
etag: "b2b60-5eeb056537c32-gzip"
accept-ranges: bytes
cache-control: max-age=600
expires: Sat, 03 Dec 2022 18:04:09 GMT
content-encoding: gzip
x-frame-options: SAMEORIGIN
access-control-allow-headers: content-type, X-Requested-With, accept, Origin, Access-Control-Request-Method, Access-Control-Request-Headers, X-CSRF-TOKEN, X-XSRF-TOKEN, X-XHR-Logon, x-ms-client-application-name, x-ms-client-request-id, x-ms-client-session-id, x-ms-effective-locale
access-control-max-age: 600
x-robots-tag: noindex
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 72983
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 42800
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GBhAilKMKo9RvIzqzF9V4jTZbvpa2rPZeoy6Jy8fMc1-JO078OAYzQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:53:40 GMT
age: 43230
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 69306
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tp50A9LYeT1RvSPImBUoQNKtarPryKb8Zacm_nxqDh-gegwdQov7Nw==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:50:52 GMT
age: 50598
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
webbhaarti.in/_/asset/no.posten.website:1594301215/js/chatbot.js
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/asset/no.posten.website:1594301215/js/chatbot.js
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /_/asset/no.posten.website:1594301215/js/chatbot.js HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
Cookie: _gcl_au=1.1.1643497107.1670090048
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:10 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
in.taskanalytics.com/00012/tm.js?r=&1670090048798
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1670090048798
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1670090048798 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:10 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1670090048795
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1670090048795
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1670090048795 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:10 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1670090048797
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1670090048797
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1670090048797 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:10 GMT
Via: 1.1 vegur
in.taskanalytics.com/00012/tm.js?r=&1670090048798
54.73.26.109 403 Forbidden 7 B URL HTTP/1.1 in.taskanalytics.com/00012/tm.js?r=&1670090048798
IP 54.73.26.109:0
File type ASCII text, with no line terminators
Hash 9394bb34611399534ffac4f0ece96b7f
b4e856ccc12dd97ea890dfc802609afe410903b1
63446cf888571b1c5373a4ac8452e35ac378cdee775d3e5dee86903a1381d536
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /00012/tm.js?r=&1670090048798 HTTP/1.1
Host: in.taskanalytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 403 Forbidden
Server: Cowboy
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Vary: origin
Access-Control-Expose-Headers: WWW-Authenticate,Server-Authorization
Cache-Control: no-cache
Content-Length: 7
Date: Sat, 03 Dec 2022 17:54:10 GMT
Via: 1.1 vegur
vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
143.204.55.118 403 Forbidden 243 B URL HTTP/2 vars.hotjar.com/box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important;
IP 143.204.55.118:0
Hash 1a31308bff15fd282eb196033c96a701
4cebdef6b1f45cf37d61b21b4562cff2584851c6
95ecab8d90fae948b27daac94c5c7dc32da3331832a081f2a208f5925b737af4
GET /box-XMRheight:%201px%20!important;%20opacity:%200%20!important;%20pointer-events:%20none%20!important; HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: application/xml
content-length: 243
date: Sat, 03 Dec 2022 17:54:10 GMT
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jNuR-Pn8fd5W7gYlD39E8Af0RlbKiOg3a_YlFII2BdZpPgor_25jRQ==
X-Firefox-Spdy: h2
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
142.250.74.70 200 OK 379 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (514), with no line terminators
Hash b0d6eab9eab3a20438b0bd13da342a70
134028116c2bead7b536a69aff5cdffbe7cef66c
a10b560c3b8f69897480622085a0ab5675665bff0b3e3f8ead749b3f2535c7dc
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /activityi;src=8260928;type=global;cat=postengl;ord=1731455357069;gtm=2wg783;auiddc=1977740214.1595281331;u1=https%3A%2F%2Fwww.posten.no%2F;u2=;u3=undefined;u4=Posten.no;u5=;~oref=https%3A%2F%2Fwww.posten.no%2F? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 379
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70 200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 7894f56de7efa41c42aab98bd8cd19ba
4a3a8110cc5a2e6deccedda3ac6d00bed188ff10
34c3b01b8c469b58e9933b67e4a12c9dd98ec4daefd4324f0aceb92cf8dd6d44
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /activityi;src=8260928;type=global;cat=postengl;ord=8037061832867;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
142.250.74.70 200 OK 427 B URL HTTP/1.1 8260928.fls.doubleclick.net/activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (636), with no line terminators
Hash 78b225543f9ea122bf259d94fd379b4b
cbe260dd69e0791c6479bf8c214f28aa09a41286
e2e8bdcba10a07de068f0c41f8f0c7dd6bfed0b8b0f4aaedae5b263cd70e0362
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /activityi;src=8260928;type=global;cat=postengl;ord=4649758211791;gtm=2wg783;auiddc=1528092789.1593547249;u1=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;u2=page;u3=manage-;u4=Posten.no;u5=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F;~oref=http%3A%2F%2Flocalhost%2Fpage%2Fmanage%2F%3Fview%3Dlogin%26appIdKey%3Dfcd00c0656cc490%26country%3D? HTTP/1.1
Host: 8260928.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Sat, 03 Dec 2022 17:54:10 GMT
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Strict-Transport-Security: max-age=21600
Content-Type: text/html; charset=UTF-8
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: cafe
Content-Length: 427
X-XSS-Protection: 0
b.scorecardresearch.com/beacon.js
143.204.55.25 200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 143.204.55.25:0
File type ASCII text, with very long lines (3936)
Hash 95ead88a8555078b6f6bb9f697a8a4ec
1fbbfb3a67372b6b034d295a717e6601344e7216
4e0f7c7a56fc7a7bfc3d73b3ea4b4981c676efaaa126b6576e2b4f21eba78a88
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sat, 03 Dec 2022 01:57:21 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: K2TGQEMln95ZMAYbaEo1toJ7DZpa_3LNPsjyNpzM5YufWkR4icCtiw==
Age: 57411
connect.facebook.net/en_US/fbevents.js
31.13.72.12 301 Moved Permanently 0 B URL HTTP/1.1 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 301 Moved Permanently
Location: https://connect.facebook.net/en_US/fbevents.js
Content-Type: text/plain
Server: proxygen-bolt
Date: Sat, 03 Dec 2022 17:54:11 GMT
Connection: keep-alive
Content-Length: 0
static.ads-twitter.com/uwt.js
151.101.244.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Sat, 03 Dec 2022 17:54:11 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-hel1410029-HEL
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.121 200 OK 4.6 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.121:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (12961)
Hash c1a25b303b61b25e995516f5559bcdea
3c16a6fa3a2a6dc59d57a9ea1588c4f259884688
2063d2d1415ce9437e9331cb9a798714a5b2e106a65d6dc0ef0d426a5a4c30f2
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 18:52:45 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=30030
date: Sat, 03 Dec 2022 17:54:11 GMT
content-length: 4581
x-cdn: AKAM
X-Firefox-Spdy: h2
acdn.adnxs.com/dmp/up/pixie.js
151.101.193.108 200 OK 3.3 kB URL HTTP/1.1 acdn.adnxs.com/dmp/up/pixie.js
IP 151.101.193.108:0
File type ASCII text, with very long lines (9139), with no line terminators
Hash 75b9af81e30e45403e6856566e888545
d013e9a47331447f32c2bdf6f35b286e711788f0
dd26e2e55783f6174ceea7c7a3b10e5af1c7fca56fc2543956a38b848f32a151
GET /dmp/up/pixie.js HTTP/1.1
Host: acdn.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 3340
Server: nginx/1.18.0 (Ubuntu)
Content-Type: application/javascript
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
ETag: W/"60b79de0-23b3"
Expires: Mon, 31 Oct 2022 05:58:51 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 03 Dec 2022 17:54:11 GMT
Age: 42852
X-Served-By: cache-lga21930-LGA, cache-bma1672-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 12846
X-Timer: S1670090051.152967,VS0,VE0
Vary: Accept-Encoding
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.46 200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 17:34:27 GMT
expires: Sat, 03 Dec 2022 18:34:27 GMT
cache-control: public, max-age=3600
age: 1184
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.hotjar.com/modules.a1fbf755044ca8f629ba.js
143.204.55.46 200 OK 89 kB URL HTTP/2 script.hotjar.com/modules.a1fbf755044ca8f629ba.js
IP 143.204.55.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash db69fc2480d3485a988c1628d311d0c0
82abdfda4d399e9e8032a71f1f962e91ad80860f
7517e0f2be2260c0cd09514fb51ac73f72751caa5e58e4fa5267732f3862b318
GET /modules.a1fbf755044ca8f629ba.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 88758
date: Tue, 15 Nov 2022 07:02:34 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "db69fc2480d3485a988c1628d311d0c0"
last-modified: Wed, 22 Jul 2020 09:42:49 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lUmV6dFN7PJTHhBXHktVQHoNgwkkEuHMl6ulRPoyeU1qznBbdgeHrQ==
age: 1594297
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash da080c220e9d820021e724769ec7af33
34a8507076b65078ca223509106f534295d9a475
b7d86b9bc183dcf13a619a09679539f5c7bb4bea53b9c679b78941a30372f16f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=92450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Etag: "638a4a09-1d7"
Expires: Sun, 04 Dec 2022 19:35:01 GMT
Last-Modified: Fri, 02 Dec 2022 18:55:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
static.ads-twitter.com/uwt.js
151.101.244.157 304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-hel1410029-HEL
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 8378f3d19580696b0561fc259709762a
e22020d954e81f978a08b686c59d89789538c1ef
23c0f277c0374ecfdd4ad276d34391b154e492326e2fbc36e110196eca22c54f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=105611
Date: Sat, 03 Dec 2022 17:54:11 GMT
Etag: "638a80bf-1d7"
Expires: Sun, 04 Dec 2022 23:14:22 GMT
Last-Modified: Fri, 02 Dec 2022 22:48:31 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: e8S8TtNo9a3JxxQqAmm1_BBe4DjwE9KjlwOFY8YGE1UMHq84FlTL1g==
Age: 1551
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 4bd6e9dbab52574ed6a57755850845d3
2023796487837093cbb74915bccf4c01af0d1082
e5cda570ffc3b87673a243cd6a3dbe293e749c379e11584a4eca633e884cb1b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.ads-twitter.com/uwt.js
151.101.244.157 304 Not Modified 0 B URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/
If-Modified-Since: Thu, 27 Oct 2022 18:55:37 GMT
If-None-Match: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
HTTP/1.1 304 Not Modified
Connection: keep-alive
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: no-cache
ETag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
X-Served-By: cache-hel1410029-HEL
X-Cache: HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 16:46:55 GMT
expires: Sat, 03 Dec 2022 18:46:55 GMT
cache-control: public, max-age=7200
age: 4036
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash da080c220e9d820021e724769ec7af33
34a8507076b65078ca223509106f534295d9a475
b7d86b9bc183dcf13a619a09679539f5c7bb4bea53b9c679b78941a30372f16f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=92450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Etag: "638a4a09-1d7"
Expires: Sun, 04 Dec 2022 19:35:01 GMT
Last-Modified: Fri, 02 Dec 2022 18:55:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&title=rekkef%C3%B8lge%20Post-no&res=1280x1024&accountid=6015663&rt=2993&prev=7d21b930-93bf-04aa-3b49-a0c0202f001d&luid=964e670c-8fad-bdc5-8a38-eacbd532eaf4&rnd=17642
3.123.165.229 200 OK 34 B URL HTTP/2 6015663.global.siteimproveanalytics.io/image.aspx?url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&title=rekkef%C3%B8lge%20Post-no&res=1280x1024&accountid=6015663&rt=2993&prev=7d21b930-93bf-04aa-3b49-a0c0202f001d&luid=964e670c-8fad-bdc5-8a38-eacbd532eaf4&rnd=17642
IP 3.123.165.229:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash a82ba3a9d42148e9cf209df13d8c3f3d
dba80835d31175bdcf0bcad1abafefb06d86e304
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /image.aspx?url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&title=rekkef%C3%B8lge%20Post-no&res=1280x1024&accountid=6015663&rt=2993&prev=7d21b930-93bf-04aa-3b49-a0c0202f001d&luid=964e670c-8fad-bdc5-8a38-eacbd532eaf4&rnd=17642 HTTP/1.1
Host: 6015663.global.siteimproveanalytics.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:11 GMT
content-type: image/gif
content-length: 34
set-cookie: AWSALB=omR/Wke/3CLyw/zpgbL4uxqtaqKcM+fZqfywuYrw/6KbAPjGc441EZom+spiNmNtyy37um0zaZOnYiN00fGhCNdbPeLbbOUK1gXblOfq9KoAVs68jxbUz0tbLZs0; Expires=Sat, 10 Dec 2022 17:54:11 GMT; Path=/
AWSALBCORS=omR/Wke/3CLyw/zpgbL4uxqtaqKcM+fZqfywuYrw/6KbAPjGc441EZom+spiNmNtyy37um0zaZOnYiN00fGhCNdbPeLbbOUK1gXblOfq9KoAVs68jxbUz0tbLZs0; Expires=Sat, 10 Dec 2022 17:54:11 GMT; Path=/; SameSite=None; Secure
cache-control: max-age=0
expires: Sat, 03 Dec 2022 17:54:11 UTC
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.132 302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.132:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion_async.js
142.250.74.2 200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.2:0
File type ASCII text, with very long lines (1654)
Hash f2258b08ae7f4c53a27c27e21536ef06
65fe239266dc4c3f8f8e25dfd039a77733f75f67
fd9775067ede051cfe4861265da0e9374a20cd833fedcd3c9708af0b525f8921
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 03 Dec 2022 17:54:11 GMT
expires: Sat, 03 Dec 2022 17:54:11 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16595884479219046262
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15190
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: hhkIdRV02MNRv/T/Vj1ZxoKEynABu34Lt8LRY44eiYz1j5lPgSEsOSr5ZEKSngcWrgrYtZKkJODfNNo4qJqIKg==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 17:54:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&ct_cookie_present=1
216.58.207.194 200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&ct_cookie_present=1
IP 216.58.207.194:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&fmt=3&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 03-Dec-2022 18:09:11 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash da080c220e9d820021e724769ec7af33
34a8507076b65078ca223509106f534295d9a475
b7d86b9bc183dcf13a619a09679539f5c7bb4bea53b9c679b78941a30372f16f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=92450
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Etag: "638a4a09-1d7"
Expires: Sun, 04 Dec 2022 19:35:01 GMT
Last-Modified: Fri, 02 Dec 2022 18:55:05 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
142.250.74.174 200 OK 6.2 kB URL HTTP/2 encrypted-tbn0.gstatic.com/images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9
IP 142.250.74.174:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x168, components 3\012- data
Hash 2063951383d22405d0663550e2ed3762
6a256b7cdec8d0e0aaf2c86c17e7cc34693a609e
0fb41ab8877699782e17566fafad17e01b8d04b840db658583cb0d3b9508fff4
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /images?q=tbn%3AANd9GcQTrX8MP4pA-vzwCA0DiAM71Fj69Cm9CP7aY7NITLF99rsGcwM9 HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 6238
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 17:54:11 GMT
expires: Sun, 03 Dec 2023 17:54:11 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 28 Dec 2017 03:23:06 GMT
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 99c6e888e109cfca37de80b29e284001
3082cf79c611491ae64e5599f55e9e4908c457a6
19503ecb247142c34038b8ac5e0a5ab5bc7d94ef205beb3edde394275010e15f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
142.250.74.35 200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 142.250.74.35:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Analyzer Verdict Alert urlquery Phishing - Posten Norge
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 15:29:48 GMT
expires: Sun, 03 Dec 2023 15:29:48 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 8663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.67 200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.67:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/undefined/?random=1670090047885&cv=11&fst=1670090047885&bg=ffffff&guid=ON&async=1&gtm=2wgbu0&u_w=1280&u_h=1024&label=undefined&hn=www.google.com&frm=0&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&tiba=rekkef%C3%B8lge%20Post-no&value=0&bttype=purchase&auid=1643497107.1670090048&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://webbhaarti.in/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 17:54:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049127&if=0
37.252.172.123 200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049127&if=0
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=9c3f7c51-769b-4487-8db5-bef9b5c66993&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049127&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 17:54:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049126&if=0
37.252.172.123 200 OK 42 B URL HTTP/1.1 ib.adnxs.com/pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049126&if=0
IP 37.252.172.123:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pixie?e=PageView&pi=3ff1e0a2-bf36-4112-bfb2-d9ea337ee435&it=1670090049126&v=0.0.20&u=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&st=1670090049125&et=1670090049126&if=0 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 03 Dec 2022 17:54:11 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 17:54:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1670090049123&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=&time=1670090049123&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=&time=1670090049123&url=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&12ac9801-9bec-4c54-8a13-ea34957bcb4d"; domain=.linkedin.com; Path=/; Secure; Expires=Sun, 03-Dec-2023 17:54:11 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2443:u=1:x=1:i=1670090051:t=1670176451:v=2:sig=AQFI0qMBix_bIFUe9SISJL-fdzzxJnp1"; Expires=Sun, 04 Dec 2022 17:54:11 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXu8CRA7Gm/c6kf2SCSug==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B6ADA103D2184D9DA2D53D162F88E51E Ref B: OSL30EDGE0108 Ref C: 2022-12-03T17:54:11Z
date: Sat, 03 Dec 2022 17:54:10 GMT
content-length: 0
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&rl=&if=false&ts=1670090049413&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670090049412.1311973095&it=1670090049261&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&rl=&if=false&ts=1670090049413&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670090049412.1311973095&it=1670090049261&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=843920095719058&ev=PageView&dl=http%3A%2F%2Fwebbhaarti.in%2Fmailer%2Fposten%2Fmanage%2F&rl=&if=false&ts=1670090049413&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670090049412.1311973095&it=1670090049261&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sat, 03 Dec 2022 17:54:11 GMT
X-Firefox-Spdy: h2
webbhaarti.in/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-192/posten-logo.png HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
Cookie: _gcl_au=1.1.1643497107.1670090048; nmstat=7d21b930-93bf-04aa-3b49-a0c0202f001d
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:11 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
webbhaarti.in/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png
192.185.129.233 500 Internal Server Error 0 B URL HTTP/1.1 webbhaarti.in/_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png
IP 192.185.129.233:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_/image/60b33711-0a7f-40bc-974b-0209e50dae4a:91dbc5bf28c5fb069b0219ca5856e5da19efea66/square-16/posten-logo.png HTTP/1.1
Host: webbhaarti.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://webbhaarti.in/mailer/posten/manage/
Cookie: _gcl_au=1.1.1643497107.1670090048; nmstat=7d21b930-93bf-04aa-3b49-a0c0202f001d
HTTP/1.1 500 Internal Server Error
Date: Sat, 03 Dec 2022 17:54:11 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
connect.facebook.net/signals/config/843920095719058?v=2.9.40&r=stable
31.13.72.12 200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/843920095719058?v=2.9.40&r=stable
IP 31.13.72.12:0
GET /signals/config/843920095719058?v=2.9.40&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: bhm5yJM5W84kFZi6Tka38iWwTxxeHhsD+tj7GWLZ3rDXp7aOJx7jLV3Zk8AEE2w8wkU4TLlN8JKkl5oIjtAnkw==
x-fb-trip-id: 1904183273
date: Sat, 03 Dec 2022 17:54:11 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=PT+Sans:400,700
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=PT+Sans:400,700
IP 142.250.74.106:0
GET /css?family=PT+Sans:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 17:54:09 GMT
date: Sat, 03 Dec 2022 17:54:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
176.31.233.37 200 OK 0 B URL HTTP/2 cdn.mycomandia.com/static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17
IP 176.31.233.37:0
GET /static/shop/common/bundle/font-awesome-5/web-fonts-with-css/css/fontawesome-all.min.css?v=2019.12.17 HTTP/1.1
Host: cdn.mycomandia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://webbhaarti.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 17:54:08 GMT
content-type: text/css
last-modified: Thu, 18 Oct 2018 11:43:16 GMT
vary: Accept-Encoding
etag: W/"5bc871d4-8ef7"
server: rebelio-n2
expires: Sun, 03 Dec 2023 17:54:08 GMT
cache-control: max-age=31536000
backend: 2
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2