r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7172
Expires: Sun, 27 Nov 2022 16:41:18 GMT
Date: Sun, 27 Nov 2022 14:41:46 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5226
Cache-Control: max-age=162993
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:46 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:58:19 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 14:19:23 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1343
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7046
Expires: Sun, 27 Nov 2022 16:39:12 GMT
Date: Sun, 27 Nov 2022 14:41:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RpRFEtdbILanCGg4N5GP5lkzh5pE9BthIkDE9eZqDZduSp0HljpB29DVvoxdsYsmyjHgVlZOH4g=
x-amz-request-id: C8ENZAJ9FXZ1VGYD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 13:44:39 GMT
age: 3427
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 14:41:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 14:08:54 GMT
cache-control: public,max-age=3600
age: 1973
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
niskerko.com/
199.201.110.168 301 Moved Permanently 0 B IP 199.201.110.168:0
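Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of empty input, consistent with the 0 B redirect body; they do not identify this site's content and should not be used as indicators.)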
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 27 Nov 2022 14:41:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Redirect-By: WordPress
Set-Cookie: yay_currency_widget=1296; expires=Tue, 27-Dec-2022 14:41:47 GMT; Max-Age=2592000; path=/
Location: https://niskerko.com/
Vary: User-Agent
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5212
Cache-Control: max-age=157917
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:47 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:33:44 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.comodoca.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash a965590a26c41ab729b35f11ae5d2388
8ed9de0303fe0083667f3723bb4aceddd38b2a40
079a7a50a72527ad55b6f989f3378fdb214b31aad5d6a343b4ef5d5ecb3b8c00
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 27 Nov 2022 14:41:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 26 Nov 2022 19:59:07 GMT
Expires: Sat, 03 Dec 2022 19:59:06 GMT
Etag: "8ed9de0303fe0083667f3723bb4aceddd38b2a40"
Cache-Control: max-age=536863,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 25
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770ba07199c6fabc-OSL
push.services.mozilla.com/
52.43.58.150 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wMjPAkPkihc21uypI5ViSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dkkeOosmzXxcQNnHkUQFmpvTO38=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3004
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 14:41:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3004
Expires: Sun, 27 Nov 2022 15:31:51 GMT
Date: Sun, 27 Nov 2022 14:41:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 61173
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AVwDLlKoy5pc9NNuR_OakMB0ONGAoO-k2AKwV--b2sjiaqYSKAWlZg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
age: 61173
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7f16c0f8a8e710210ce77c0e4c1c2a2
590c34be54c9889eec4ff7993e070fda836f711f
4224287ba765da59c877ac4f1dec65accc5bec934b7598d9cbbee669ba4ab12e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15290721-a62e-49b8-80c6-967680cff24f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6883
x-amzn-requestid: 9e3878c9-1817-427e-b121-969a8cbc7ad8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cL1ySF0tIAMFY4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638169a8-5143ffea77b70cf67ef60ad7;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 01:19:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K4mksi8EQxTxRXDqN-0iWJc-LmiI7joDX5xGmPb1HetziDj4mRCC7Q==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:53:37 GMT
age: 31690
etag: "590c34be54c9889eec4ff7993e070fda836f711f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 892849386662d30042f01ab952a3ec14
3b349ac17a00d68875e64bee110ec85d07cffda2
893797d55f15081d45af7a31af9fefe106ace9ba236e9b113787d07ab416faf9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F661e728e-05a1-40d9-ae81-c058443324b3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9926
x-amzn-requestid: 4e2c72af-2cce-4740-9962-6a7f9e217272
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_cVCHwEoAMF3lQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7420-51c2e04b4fae5b576a679db5;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:02:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rZTk5ONMhQB66WF0VWIRmlTOdzEJO-NJVl4TCibzbH2fZXY_9Mx9kQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 18:42:19 GMT
age: 71968
etag: "3b349ac17a00d68875e64bee110ec85d07cffda2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: fc238ea9-0169-47fc-b92e-f12b3ee27c72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b433YGtOoAMFexg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d362-2f97c67a2e5f05b6746cf858;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:12:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oMrdB0NUGe5CqTY7eFd3u8xaSy9TyDdOrf1awBikFJzm3jWreD2irQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 12:30:20 GMT
age: 7887
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 61173
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 4c68738619a804148d1c723255009198
aa5b458f6fce0c4f4aef0623f3bf5d8c6f6cfafd
9707f3ee6320844cad2474031ec9651e771581031ca5b9d2fb21f899847b2892
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Last-Modified: Sun, 27 Nov 2022 12:55:20 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 35943f9e7b154185ec2aa7052872d310
4fd76a688a3d62ff39f2bd1a2508a7ab5b146e7c
276b9f8ee48e3f9382ba7701bfb1d29d9f9372a4bc9562900e2df4d10cd871c9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2271
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Last-Modified: Sun, 27 Nov 2022 14:03:58 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
niskerko.com/
199.201.110.168 200 OK 154 kB IP 199.201.110.168:0
File type HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size 154 kB (153980 bytes)
Hash MD5 f36ea81dac5830940dd0803aa5e15e52
SHA-1 fc0987e0491b683ef2c27b659f19d9f2285768ce
SHA-256 9707782b3d7e51e23fe765bc5bce0ed91e231050c023196c620310d45dc0f568
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Link: <https://niskerko.com/wp-json/>; rel="https://api.w.org/", <https://niskerko.com/wp-json/wp/v2/pages/72>; rel="alternate"; type="application/json", <https://niskerko.com/>; rel=shortlink
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: yay_currency_widget=1296; expires=Tue, 27-Dec-2022 14:41:48 GMT; Max-Age=2592000; path=/
Set-Cookie: PHPSESSID=f76e8f0bebadf0d25ebf07accf281965; path=/
Vary: Accept-Encoding,User-Agent
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
142.250.74.74 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 14:19:24 GMT
expires: Sat, 25 Nov 2023 14:19:24 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 174145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
142.250.74.74 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (65447)
Hash 7808e0e4b7a714230373852158500533
4a79d18722a68a2f38d52e2d3a11b550bdd30b3c
8ba5796bee6a065b8b31895e7e8d59ba564cfd36d2ce056e327588e67736f054
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 11:24:15 GMT
expires: Tue, 21 Nov 2023 11:24:15 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 530254
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi
199.201.110.168 200 OK 4.4 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi
IP 199.201.110.168:0
File type Web Open Font Format (Version 2), TrueType, length 4404, version 1.0\012- data
Hash 8c08be57504e2c88a3a30137b7ab4cf0
9f0ae0ec45f39685d2a1087ed6e81220cf4e5162
07444089d3352d24f2b95b60710475f82a79460c5f578a8ded3508f50c0400ef
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/fonts/tinvwl-webfont.woff2?ver=xu2uyi HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: application/font-woff2
Content-Length: 4404
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:37:05 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2
199.201.110.168 200 OK 4.9 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2
IP 199.201.110.168:0
File type ASCII text, with very long lines (4933), with no line terminators
Hash e372df47bd19e1563b557d7bdb817188
4efdf4050a78bdbd88aa255955b7423105895dd0
4b7693154069c53a16468d09d89c9eba5da6c0dfc69cf4d7eb675e32ba663361
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=7.2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 4933
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/yaycurrency/blocks/style.css?ver=1662637040
199.201.110.168 200 OK 3.2 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/yaycurrency/blocks/style.css?ver=1662637040
IP 199.201.110.168:0
Hash 41c4011f46685c0d360a571b32f250b3
053f8362ba218b7d9a914ba63a7475f6390645c6
546187cc987a1907a0bedbd1e5be252b5215b64f167939b74c100f8582454e30
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yaycurrency/blocks/style.css?ver=1662637040 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 3179
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 11:37:20 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.1.1
199.201.110.168 200 OK 31 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.1.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (30621), with CRLF line terminators
Hash d895cb3b95f3418066af2154c9b6607c
a619ba82e4237ca55c3c2a9532e205e7806c7469
503a0cce4bc611917aea2513bab95a98100599d5072946eedc0d4ce7b859303e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-ajax-filters/berocket/assets/css/font-awesome.min.css?ver=6.1.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 30788
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:25:24 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.2.5
199.201.110.168 200 OK 13 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.2.5
IP 199.201.110.168:0
Hash bdf78a327f386dba71bf3268a33dfa4b
343fc00f2532581f41667fc66e23d67e9c7920cb
65337e91071a729643ef35ecd410ff0d8f94da3dc0e17bbf7545db2c563ddd10
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/css/style-index.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 13098
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2
199.201.110.168 200 OK 212 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Size 212 kB (212343 bytes)
Hash 5dcf0b1b1a3d81ef28b5750cdc76c5f6
abfe501a8db645c8dbc11ac81d1d1cfbcf2919e7
a16126f4cfb8aa52abb2c0b12e588c84708da95e2426e16477dd8f42b61b96f4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=7.2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 212343
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/css/classic-themes.min.css?ver=1
199.201.110.168 200 OK 217 B URL HTTP/1.1 niskerko.com/wp-includes/css/classic-themes.min.css?ver=1
IP 199.201.110.168:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 217
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.1.1
199.201.110.168 200 OK 180 B URL HTTP/1.1 niskerko.com/wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.1.1
IP 199.201.110.168:0
Hash c3ba98d5789cec288f1cab23a0bd99ad
73012bce179b67fb0260b33f267dd075be313b76
d35ed9360dfedea404e69b389fb297ae35f6064e5d8ae6d7c76b66eeeeb887ad
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/sold-out-badge-for-woocommerce//style.css?ver=6.1.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 180
Connection: keep-alive
Last-Modified: Fri, 09 Sep 2022 11:37:08 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.1
199.201.110.168 200 OK 18 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (17809), with no line terminators
Hash 1ddf23fcfd1b2941c456ce01da8180a6
156ef5cc77061010e3f4123a47fa415c6391e5ff
dd18a408a35aa5d393458657eb24fb56ab754ece3f88bd78a038e5793d3f6991
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 17809
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.1
199.201.110.168 200 OK 63 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.1
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash 979b8b56e801469d95453055366ef54c
cb8a0bb5f00fee130a289ea4dfafc00fa53e1c04
d3322ccb3912f7a9485eb1d75971fd5e1eb49c6575ff5ad985fb5496333e8c8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 62755
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/advanced-woo-search/assets/css/common.min.css?ver=2.67
199.201.110.168 200 OK 10 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/advanced-woo-search/assets/css/common.min.css?ver=2.67
IP 199.201.110.168:0
File type ASCII text, with very long lines (9954), with no line terminators
Hash 1a8beb6df50e815dfd2b4253750fd67c
86dd809d43da3fbe9fbf21e3550c90f518b85791
6616ac507c6f6b3c3b70d01d05f7c1782048bad056330f12089ce0c0dacea823
GET /wp-content/plugins/advanced-woo-search/assets/css/common.min.css?ver=2.67 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 9954
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:37:06 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.m
142.250.74.74 404 Not Found 1.6 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.m
IP 142.250.74.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 361bf8eb04e355bf91363826eab8ab52
ad25b8ae62aa6552da27b84961e8f5dbe1b05673
54a283ae5f9088c3bcea07e8e3ef0ea5f6246f719854974d48613c825a1e2ebf
GET /ajax/libs/jquery/3.5.1/jquery.m HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 27 Nov 2022 14:41:50 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1592
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
niskerko.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
199.201.110.168 200 OK 95 kB URL HTTP/1.1 niskerko.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 94889
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 23:37:14 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.1.5
199.201.110.168 200 OK 153 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.1.5
IP 199.201.110.168:0
File type ASCII text, with very long lines (44578), with CRLF line terminators
Size 153 kB (152813 bytes)
Hash 3ee2efda9a3241a3840d2bf3071bb79d
95718aa26044872e256f34e1cf6e72e3b0027741
383a1396d5b6de56f357223bb468d0cfc4287b3b7815f22052892a508ac912b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce-ajax-filters/assets/frontend/css/fullmain.min.css?ver=1.6.1.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:49 GMT
Content-Type: text/css
Content-Length: 152813
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:25:24 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2
199.201.110.168 200 OK 2.7 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2
IP 199.201.110.168:0
Hash 0b7cd03b4d1d17a0a6e2990326359499
caf70fece9b7cb99b5789e60d086549c06edf566
8eeafb86d8ce986b8bdc835861dc294481f69b714b05c3427b26133ffdff755f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 2667
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:37:20 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/css/font-awesome.min.css?ver=2.2.5
199.201.110.168 200 OK 31 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/css/font-awesome.min.css?ver=2.2.5
IP 199.201.110.168:0
File type ASCII text, with very long lines (30837)
Hash 008e0bb5ebfa7bc298a042f95944df25
93897ebc560b38a1d2bff43c22dd6a3b7ee90c0c
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
GET /wp-content/plugins/woolentor-addons/assets/css/font-awesome.min.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 30999
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.2.5
199.201.110.168 200 OK 9.6 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.2.5
IP 199.201.110.168:0
File type ASCII text, with very long lines (360)
Hash d0ddd8b5c33b2ede0482ebfd45cad295
77a95af0c966c4cb388664a735a5f963626a41e9
8699c61a9d356f2c0dbbbe0ff165e0279b2d9dfa3eece03af5f7dc7bfb933757
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/assets/css/simple-line-icons.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 9619
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.2.5
199.201.110.168 200 OK 17 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.2.5
IP 199.201.110.168:0
Hash da88144a7830a4b00d6c8e9156cd371f
e5abcac290e4825d6c6feebe3950eadb3c7b12c6
8576bc64874c3f0157c7fa0f78e747e8c9a7283a35332e31925826373ac17e26
GET /wp-content/plugins/woolentor-addons/assets/css/htflexboxgrid.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 16895
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.2.5
199.201.110.168 200 OK 1.7 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.2.5
IP 199.201.110.168:0
Hash 13b1b6672b8cfb0d9ae7f899f1c42875
6e9d13342a11a8cfd9e42ee243eaeae01cda4e25
d917660c3d6f7aad32ebc4b0012c6d0bb84a13e201a012e334bcca4b9f4686c9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/assets/css/slick.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 1729
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.7
199.201.110.168 200 OK 6.0 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.7
IP 199.201.110.168:0
Hash 4b210e69c231573b89782df15baff4ef
7f9246cbdfac48cfc64a3d45ed8070d4601bae69
c5a8c699b32432d5d2a3dc3d1dd8e7e1ef36456ceccdc9d6805564af13c21374
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yaycurrency/src/styles.css?ver=1.8.7 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 5976
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 11:37:20 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=2.0.15
199.201.110.168 200 OK 3.4 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=2.0.15
IP 199.201.110.168:0
File type ASCII text, with very long lines (496)
Hash d37ce740dcf45994760849d2e3799229
b2b16fba5ab795ad9fff157d2741a4939fcef53d
09d1bfd77fc90364cfc69d6105feaa66b89cb56a8273da35e453102094f16cc7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/css/webfont.min.css?ver=2.0.15 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 3408
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:37:05 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=2.0.15
199.201.110.168 200 OK 33 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=2.0.15
IP 199.201.110.168:0
File type ASCII text, with very long lines (801)
Hash 4c837ab443abeb140cd58f905d4f2d78
488e58ae03fc46172c81415b4fdb6c64ca32a539
89acd472f0e1ad7c680e07a406d9f0907cdd95bd57d81e3fe39b5fd0ffbf1fc6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/ti-woocommerce-wishlist/assets/css/public.min.css?ver=2.0.15 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 32856
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 23:37:05 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/themes/NiskerkoTheme/css/forms.css?ver=1641083874
199.201.110.168 200 OK 0 B URL HTTP/1.1 niskerko.com/wp-content/themes/NiskerkoTheme/css/forms.css?ver=1641083874
IP 199.201.110.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/NiskerkoTheme/css/forms.css?ver=1641083874 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 0
Connection: keep-alive
Last-Modified: Sun, 02 Jan 2022 00:37:54 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.2.5
199.201.110.168 200 OK 151 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.2.5
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (347)
Size 151 kB (151405 bytes)
Hash b966ae71d7b3442f20b577dba948871d
d5702d61656fc72b77fd2464de45e68b11db9403
ed94a4a58fa480f049cddf501e8b82a06b2e20da6e13304b86ff814d769402d2
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/assets/css/woolentor-widgets.css?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 151405
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/font/flaticon.css?ver=2.2
199.201.110.168 200 OK 857 B URL HTTP/1.1 niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/font/flaticon.css?ver=2.2
IP 199.201.110.168:0
Hash b242f426403db6323a0a1152b5777c7b
1de14899df5d68a95e50573c0e09977a1fbd16d0
a4efdef0ff0c251fe69ea31b06d5ef7b7f8f8d533343c581e9bab22c92e627b4
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-product-gallery-slider/assets/css/font/flaticon.css?ver=2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 857
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 22:38:36 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/slick-theme.css?ver=2.2
199.201.110.168 200 OK 3.2 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/slick-theme.css?ver=2.2
IP 199.201.110.168:0
Hash eab4136cac11ac742af5bba15391c621
c0ddc1a33c971fbce7f7554bc23bff86c0ed2106
1f7ef8dee266d01f98245f62baadf4ed304b35c09f3b48ac7110c2e9a9f4111a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-product-gallery-slider/assets/css/slick-theme.css?ver=2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 3190
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 22:38:36 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/jquery.fancybox.min.css?ver=2.2
199.201.110.168 200 OK 13 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/css/jquery.fancybox.min.css?ver=2.2
IP 199.201.110.168:0
File type ASCII text, with very long lines (12795)
Hash 71cebc0cd666f182f1ab1dbe4a9f15c1
bfa13de0fab7defa3a25c3197e90b600c4897c34
0e63c56dd7b48f4f1ea9f1e6c8d1ed3359eedd8f42888bfbd838603f6f989d58
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-product-gallery-slider/assets/css/jquery.fancybox.min.css?ver=2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 12796
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 22:38:36 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/themes/NiskerkoTheme/css/main.css?ver=1661036819
199.201.110.168 200 OK 56 kB URL HTTP/1.1 niskerko.com/wp-content/themes/NiskerkoTheme/css/main.css?ver=1661036819
IP 199.201.110.168:0
File type assembler source, ASCII text, with very long lines (361)
Hash d24a0571add3e046be6e34fee638613b
8dc8ded921bae05bb9595ddc02646f0338a9ac5c
78efaa38df644c2a1b4824b094ef69c6f2d04179a8a56ba27398d09b33428cdf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/NiskerkoTheme/css/main.css?ver=1661036819 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 56141
Connection: keep-alive
Last-Modified: Sat, 20 Aug 2022 23:06:59 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/profile-builder/assets/css/style-front-end.css?ver=3.8.5
199.201.110.168 200 OK 24 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/profile-builder/assets/css/style-front-end.css?ver=3.8.5
IP 199.201.110.168:0
Hash 79f99753aee7dde9719c1f7d3fe5245b
24aae01f4914498c8c9788dd7bc5a8cbe02d12ee
5b99c1bc156696d765c91f191df7419ea940fbdae1853d5f5ae9d569659175a6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/profile-builder/assets/css/style-front-end.css?ver=3.8.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: text/css
Content-Length: 23471
Connection: keep-alive
Last-Modified: Wed, 16 Nov 2022 11:37:07 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
199.201.110.168 200 OK 11 kB URL HTTP/1.1 niskerko.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 199.201.110.168:0
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 11224
Connection: keep-alive
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
199.201.110.168 200 OK 90 kB URL HTTP/1.1 niskerko.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 89684
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/translatepress-multilingual/assets/js/trp-frontend-compatibility.js?ver=2.4.2
199.201.110.168 200 OK 777 B URL HTTP/1.1 niskerko.com/wp-content/plugins/translatepress-multilingual/assets/js/trp-frontend-compatibility.js?ver=2.4.2
IP 199.201.110.168:0
Hash ab55c224299ea8f0fe7bf738772cc650
ce2274025a51bfdaefb4c2ebc65ebf5085103f38
b10ae8fe4c3d47d2975ec636e69f46b3240f0870a8b282c9585360c17e537002
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/translatepress-multilingual/assets/js/trp-frontend-compatibility.js?ver=2.4.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 777
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 23:37:20 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/wp-image-zoooom/assets/js/jquery.image_zoom.min.js?ver=1.50
199.201.110.168 200 OK 24 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/wp-image-zoooom/assets/js/jquery.image_zoom.min.js?ver=1.50
IP 199.201.110.168:0
File type ASCII text, with very long lines (23852)
Hash 90d5e29919e873004580db2bab4bcba4
c13d53bef00bf15796ac87dc9fdf6560f9cfb1e2
398c0807dcc694b9c54e0c39411f4b23b716670cee6afa410a9fe2934b092dac
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-image-zoooom/assets/js/jquery.image_zoom.min.js?ver=1.50 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 24059
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:44 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/wp-image-zoooom/assets/js/image_zoom-init.js?ver=1.50
199.201.110.168 200 OK 17 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/wp-image-zoooom/assets/js/image_zoom-init.js?ver=1.50
IP 199.201.110.168:0
File type ASCII text, with very long lines (2232)
Hash 10129dbc646d71445ed139ca3e82187b
9fa11a7f61d41188390af40c64a97d58f51087c5
41016870fda89f13333bc8b746ea23c05c4f0d6d7fd4c11bca2823dcb99d078e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-image-zoooom/assets/js/image_zoom-init.js?ver=1.50 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 16777
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:44 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
199.201.110.168 200 OK 21 kB URL HTTP/1.1 niskerko.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 034bd11ecaf6fb9240d905245e42e202
ff136c394ed95badfc0107fb98a890dcff642828
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:50 GMT
Content-Type: application/javascript
Content-Length: 21440
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
199.201.110.168 200 OK 10 kB URL HTTP/1.1 niskerko.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
IP 199.201.110.168:0
File type ASCII text, with very long lines (9937)
Hash 087a7b1f3a0e6e458e47752247dea77f
b50dc9b67f2440a0f7fd6369c0d0da9eb35f8f77
03a76dde100a17b38d2eaf65bd9d75ca09369d5d601e4262db5696778e930657
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 10114
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
199.201.110.168 200 OK 18 kB URL HTTP/1.1 niskerko.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (17819), with no line terminators
Hash e495a4709e3eae31c67f8263f25d2d39
d43ba6a092e4823a71f3bff75d5ed279a481636b
1c1fef6e6b4f9832603850b9b6562e74d9a6a3700ba836efe88facc577121e8b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 17823
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
199.201.110.168 200 OK 6.5 kB URL HTTP/1.1 niskerko.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 199.201.110.168:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 61449413a42d2daaa79dbe7298b40e21
d86c474164c603084397bdc50fb0e469d28b5772
f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 6475
Connection: keep-alive
Last-Modified: Tue, 24 May 2022 23:37:28 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
199.201.110.168 200 OK 498 B URL HTTP/1.1 niskerko.com/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
IP 199.201.110.168:0
File type ASCII text, with very long lines (463)
Hash b0b80b0256874e70acdc820b52bbf1aa
9aace9a7989736bf535d65f229d0c10e9acea41b
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 498
Connection: keep-alive
Last-Modified: Tue, 24 May 2022 23:37:28 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 252093
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
niskerko.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
199.201.110.168 200 OK 4.9 kB URL HTTP/1.1 niskerko.com/wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5
IP 199.201.110.168:0
File type ASCII text, with very long lines (4875)
Hash b33ab4d5dcf02436276a717e9d1b7c18
f47b9a9c41b3b11c9dffabca22945727c3ec6566
9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/hooks.min.js?ver=4169d3cf8e8d95a3d6d5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 4910
Connection: keep-alive
Last-Modified: Tue, 24 May 2022 23:37:28 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 14:41:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
niskerko.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
199.201.110.168 200 OK 10 kB URL HTTP/1.1 niskerko.com/wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae
IP 199.201.110.168:0
Hash 8cd696505481e74ffee89b4995f37379
ee9aad199ef2bc60a3460f4c52f37d22907b2ec9
01c3955df67a9b9d1367957e2c187729eae46b72e92c2b52bdb217b14a8fc874
GET /wp-includes/js/dist/i18n.min.js?ver=9e794f35a71bb98672ae HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 10230
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
199.201.110.168 200 OK 2.5 kB URL HTTP/1.1 niskerko.com/wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (2472)
Hash 496baa8dab0a9861cd85d4e329f5aa77
5a036d58aecc5c5c471237d6dc719333cfe225e6
5df2942db2352e49e00bcf3393b875a71d0acee986e48fbdcc5879846f5c3689
GET /wp-includes/js/dist/a11y.min.js?ver=ecce20f002eda4c19664 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 2508
Connection: keep-alive
Last-Modified: Tue, 24 May 2022 23:37:28 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
199.201.110.168 200 OK 8.5 kB URL HTTP/1.1 niskerko.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
IP 199.201.110.168:0
File type ASCII text, with very long lines (8281)
Hash 99017cd1ae098d1e3ad215171ca48290
2c4c8affe6e8deee8bd8b89c0d44d456b9438c63
3c891891a2abfdb8f5ef8f4b1e4e3c25013d934ca396fe8149e6626cc4ea1888
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 8466
Connection: keep-alive
Last-Modified: Wed, 02 Nov 2022 11:37:18 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.2.5
199.201.110.168 200 OK 4.6 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.2.5
IP 199.201.110.168:0
Hash 7659aff36b667e19a9c8fbb603a117e8
5baac4cbddf4f2238560606765a1c037458824e0
35d456472e46e884707fe65d0f0365b1acfc3542ddea2cb9cde4e82c4182f7c4
GET /wp-content/plugins/woolentor-addons/woolentor-blocks/src/assets/js/script.js?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 4584
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1
199.201.110.168 200 OK 9.5 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (9139)
Hash 87c54edf7dad7dfdfde015f6eee45ff1
96ec1a06ea3093c47e1e2fc4444ada7f4456135d
ef22199864042b8ceeee3729f3254c140df7217364045737ca3aadf8434fb3da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 9533
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1
199.201.110.168 200 OK 1.8 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (1668)
Hash d0a6d8547c66b0d7b0172466558d1208
ff93916519c7b9483251f609e4d29f38c30a66e3
3b1384ff918d4b7f95f9ee5c8fc388203dedff7344d3d96598c9562162788612
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 1834
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1
199.201.110.168 200 OK 2.1 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (2139), with no line terminators
Hash b72c1cbb1530a011a27bd9800f26765a
27b825c5d8255f33b8427a059d4545ebd65e1746
a256fccecac3b32ab73c91d79a18747519a1a18023be05465c933b03523a82e8
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 2139
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-regular-400.woff2
172.64.202.28 200 OK 25 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-regular-400.woff2
IP 172.64.202.28:0
File type Web Open Font Format (Version 2), TrueType, length 25244, version 770.768\012- data
Hash b0b42dfe405f3f5dadcc952d941a6f1d
066cc6612349ef91ff48e37c4ceddd2a69f50672
5074bf724d70c107946d158f07964ac24bb3225029bacdf8ece02fb29df8a9f1
GET /releases/v6.2.1/webfonts/free-fa-regular-400.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: font/woff2
content-length: 25244
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:22 GMT
etag: "b0b42dfe405f3f5dadcc952d941a6f1d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 87ba4da6c7513242d551023ab57badbe.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C1
x-amz-cf-id: XWv3gyJgMlK5alHBElnS5RWbMZhcOlGvWBDC_xqoy80J2iNChWGGoA==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBXICzZ76vdSqfIbEPhRgmuBCtCoXUw4ddMdA4cxubLClLn0uPfwo3j38CLn37Tvws%2BS6Rp%2FzmT6vAbu5M81LsacdhPfUbTcIvEE1piwqcECgVKGktYWuGhZAtdJEqsvqVLZwj5Fbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770ba0882cc98868-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niskerko.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1
199.201.110.168 200 OK 2.9 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (2938), with no line terminators
Hash 0fd625c3991a4015814cffdc88e2fc82
d7c2f53e058210ff3ea773297641008bab71a5f3
2d022db650d194d935faea46a40e5512235b43bc3f8b181e32ce6d3dd745f4e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 2938
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/advanced-woo-search/assets/js/common.min.js?ver=2.67
199.201.110.168 200 OK 18 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/advanced-woo-search/assets/js/common.min.js?ver=2.67
IP 199.201.110.168:0
File type ASCII text, with very long lines (17613), with no line terminators
Hash c058fd1999a61c8e3e847b5cd5ec251b
8e7e627a70873ae125e366ddfaf03dec99fa4c33
f7cb65c1055c98366d05a4ffc1b253ea0c9302b111c8640f44f935ebc3b96d09
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/advanced-woo-search/assets/js/common.min.js?ver=2.67 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 17613
Connection: keep-alive
Last-Modified: Mon, 14 Nov 2022 23:37:06 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.2.5
199.201.110.168 200 OK 4.1 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.2.5
IP 199.201.110.168:0
File type Unicode text, UTF-8 text, with very long lines (3889), with CRLF line terminators
Hash 886a976cc53d01a5cf093dd95204652f
15209130c00637db98a966aab83f31c03881ce5c
a0d152427862aaf33bb26fd08c997f927743df759a2ba6f30fe1082ed67bfd11
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/assets/js/accordion.min.js?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 4086
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.2.5
199.201.110.168 200 OK 42 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.2.5
IP 199.201.110.168:0
File type ASCII text, with very long lines (32077)
Hash 829fbb25d28844b53c19c5b55028d624
454636c3a19b5e6071aae7f8d0427060d256328e
6a0a4194c5dedadc2ab516c198ccd0dc608fbd4643bcea7e5c1264e5308e4b42
GET /wp-content/plugins/woolentor-addons/assets/js/slick.min.js?ver=2.2.5 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 41954
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/yaycurrency/src/script.js?ver=1.0
199.201.110.168 200 OK 5.7 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/yaycurrency/src/script.js?ver=1.0
IP 199.201.110.168:0
File type assembler source, ASCII text
Hash 5ad6b50d013ea49fffbb111d541ba808
2faf18914daf2f78472dc98b7773485512ccf51e
5e079826685c1022c0b470b80e0f6bbd826953674908299d38a77384715ec9b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/yaycurrency/src/script.js?ver=1.0 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 5744
Connection: keep-alive
Last-Modified: Thu, 08 Sep 2022 11:37:20 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
livesupporti.com/Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Air
148.72.152.101 200 OK 5.7 kB URL HTTP/2 livesupporti.com/Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Air
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1013), with CRLF line terminators
Hash 111b60c0fff16ee9019fedaeb6482bde
e604ec09e7f2669cc711bcee3226886b24010bdf
193b92aaf0dee82f076fb04950e457948cda96bdcff0948eaab2e7888981645e
GET /Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Air HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Sat, 19 Dec 2020 16:22:26 GMT
accept-ranges: bytes
etag: "08d642323d6d61:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 5687
X-Firefox-Spdy: h2
livesupporti.com/Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Classic&lng=sq
148.72.152.101 200 OK 5.7 kB URL HTTP/2 livesupporti.com/Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Classic&lng=sq
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1013), with CRLF line terminators
Hash 111b60c0fff16ee9019fedaeb6482bde
e604ec09e7f2669cc711bcee3226886b24010bdf
193b92aaf0dee82f076fb04950e457948cda96bdcff0948eaab2e7888981645e
GET /Scripts/clientAsync.js?acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&skin=Classic&lng=sq HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Sat, 19 Dec 2020 16:22:26 GMT
accept-ranges: bytes
etag: "08d642323d6d61:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 5687
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.css
104.16.126.175 200 OK 28 kB URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.css
IP 104.16.126.175:0
File type ASCII text, with very long lines (26053), with no line terminators
Hash 55bb82c89815cb3953a83e3f1d307abd
3bdf5a91dc0691ee96a411bd9cc1afb996f29243
7f2d0e65e9bbd20d69dfeb5daaa4a80c15521e962296d7f54bc96de1f0ca23e7
GET /aos@2.3.1/dist/aos.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:49 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
via: 1.1 fly.io
fly-request-id: 01G754J040XBCARD93ACQA76A4-fra
cf-cache-status: HIT
age: 12603782
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770ba07d78940b45-OSL
content-encoding: br
X-Firefox-Spdy: h2
niskerko.com/wp-content/themes/NiskerkoTheme/js/digitalschool.js?ver=1.0.0
199.201.110.168 200 OK 0 B URL HTTP/1.1 niskerko.com/wp-content/themes/NiskerkoTheme/js/digitalschool.js?ver=1.0.0
IP 199.201.110.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/NiskerkoTheme/js/digitalschool.js?ver=1.0.0 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Last-Modified: Wed, 17 Nov 2021 16:46:21 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/js/wpgs.js?ver=2.2
199.201.110.168 200 OK 1.3 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/js/wpgs.js?ver=2.2
IP 199.201.110.168:0
File type ASCII text, with CRLF line terminators
Hash 6b3b008b8b57296d71fccb47094b3c2f
0acac5fe5ec34c3c1c48e45514d8f73872c9a59f
6bf4175922dc696f03a00264288f21f5b4255a8ae00614de0af2791fe739ee5d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-product-gallery-slider/assets/js/wpgs.js?ver=2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 1272
Connection: keep-alive
Last-Modified: Thu, 28 Apr 2022 22:38:36 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
199.201.110.168 200 OK 7.9 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
IP 199.201.110.168:0
File type ASCII text, with very long lines (7889)
Hash d18523e4a4aaa9420a86e4dddfb07554
fa22a3d38dc3c87ca92f1456846682abeb696b96
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 7890
Connection: keep-alive
Last-Modified: Wed, 27 Apr 2022 22:11:23 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woolentor-addons/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
199.201.110.168 200 OK 77 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woolentor-addons/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 199.201.110.168:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woolentor-addons/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://niskerko.com/wp-content/plugins/woolentor-addons/assets/css/font-awesome.min.css?ver=2.2.5
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:27 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
148.72.152.101 200 OK 6.9 kB URL HTTP/2 livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (862), with CRLF line terminators
Hash 80c3911251b0db147f699efe2522a782
a806110200b359f09e5144cb2abeac2d9f06e7d7
788d8e59c978f716d1cdd1ce8f31ad1710bbf36c7434716d1f504781f865cf90
GET /Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref= HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 22:07:53 GMT
accept-ranges: bytes
etag: "80c239c335c5d71:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 6944
X-Firefox-Spdy: h2
livesupporti.com/Styles/parentChatGUI.css
148.72.152.101 200 OK 360 B URL HTTP/2 livesupporti.com/Styles/parentChatGUI.css
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1038), with no line terminators
Hash f2b8afec8fc912b2b120eb5e1224ccde
cc30d5499b00894ae30c992a1d8ea903dd0dfe0d
c7dfeab453e0e186f605b2376ea97538fb557ca58ba79dc8a71e68fbbcd856a8
GET /Styles/parentChatGUI.css HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/css
content-encoding: gzip
last-modified: Fri, 16 Nov 2018 16:34:44 GMT
accept-ranges: bytes
etag: "06aad47ca7dd41:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 360
X-Firefox-Spdy: h2
livesupporti.com/Styles/animate.min.css
148.72.152.101 200 OK 3.8 kB URL HTTP/2 livesupporti.com/Styles/animate.min.css
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (55788)
Hash 3782257e4f0148801df00f55262775ca
c29f1b4863a54edeb5b920683409df18638d22a1
4bc55ad557a6d5f2231388947b90eac7675f24377f759515aa20aff6b1200cc2
GET /Styles/animate.min.css HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/css
content-encoding: gzip
last-modified: Thu, 09 Jul 2015 08:51:26 GMT
accept-ranges: bytes
etag: "0bb557024bad01:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 3763
X-Firefox-Spdy: h2
livesupporti.com/Scripts/clientCrossdomainFunctionsAsync.js?v=28
148.72.152.101 200 OK 6.1 kB URL HTTP/2 livesupporti.com/Scripts/clientCrossdomainFunctionsAsync.js?v=28
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1464), with CRLF line terminators
Hash 6cf770051f9c2a458ce129c437692dce
835d159aba01d4ede0abd18efddc7e9935e25213
216536f6c231e6f7756c9f154b03a72fba0d4a7d9d3bd1b3d381cb58e781bbb0
GET /Scripts/clientCrossdomainFunctionsAsync.js?v=28 HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Mon, 18 Jan 2021 18:42:11 GMT
accept-ranges: bytes
etag: "8083a2a1c9edd61:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 6054
X-Firefox-Spdy: h2
niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.1
199.201.110.168 200 OK 7.0 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.1
IP 199.201.110.168:0
File type ASCII text, with very long lines (7043), with no line terminators
Hash 456663a286a204386735fd775542a59e
0a61620b88f4ae0fa7d71e2c7a014ea2c3ab5749
a7a83e60e7e3b8cadeed69327ba498b4cd68605db6e408729fa1b946758e7501
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=6.4.1 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: text/css
Content-Length: 7043
Connection: keep-alive
Last-Modified: Sun, 17 Apr 2022 20:26:19 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/js/jquery.fancybox.min.js?ver=2.2
199.201.110.168 200 OK 68 kB URL HTTP/1.1 niskerko.com/wp-content/plugins/woo-product-gallery-slider/assets/js/jquery.fancybox.min.js?ver=2.2
IP 199.201.110.168:0
File type HTML document, ASCII text, with very long lines (31970)
Hash 9a77c436fbff61c25bf72a85ccf64de6
901e1e28efd1e87b227803a387b665a5779290e2
78a441df8707d104ba4dcf2c669ec4b6cd4fa38a84eb437f01dfe5056bfdea91
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woo-product-gallery-slider/assets/js/jquery.fancybox.min.js?ver=2.2 HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: application/javascript
Content-Length: 68251
Connection: keep-alive
Last-Modified: Sun, 14 Aug 2022 10:33:10 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
livesupporti.com/Scripts/jquery-1.6.2.min.js
148.72.152.101 200 OK 32 kB URL HTTP/2 livesupporti.com/Scripts/jquery-1.6.2.min.js
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (32769)
Hash 6e3aa3e81d7a0f548b0dac043bf03a73
03ca340338d08837ea556facfe6ddc416e52f69f
b669cebf6a0eac93ea2f60678a1bff652b6ba2a14697615aa67c6ca85001d680
GET /Scripts/jquery-1.6.2.min.js HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Fri, 31 Jan 2020 16:28:05 GMT
accept-ranges: bytes
etag: "809866a53d8d51:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 32001
X-Firefox-Spdy: h2
livesupporti.com/Scripts/jquery.ba-postmessage.min.js
148.72.152.101 200 OK 772 B URL HTTP/2 livesupporti.com/Scripts/jquery.ba-postmessage.min.js
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1258)
Hash 12347335635a44d01ca1c8cb879843b5
7eb32dfaf1f3d9ee1f980a7ee608c3f45cef8d30
841c31a2f486e32886fbb89e825d47ac1879967a5a3f0ad9d3e6798f4c32af1a
GET /Scripts/jquery.ba-postmessage.min.js HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 16 Aug 2016 23:42:00 GMT
accept-ranges: bytes
etag: "0145ec817f8d11:0"
vary: Accept-Encoding,Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 772
X-Firefox-Spdy: h2
livesupporti.com/Scripts/ClientGUI.js?v=262
148.72.152.101 200 OK 44 kB URL HTTP/2 livesupporti.com/Scripts/ClientGUI.js?v=262
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash cfd28f7d074d5f53d1aa540be7914c3d
04c9bac9a05b7ad6a0768ca0baa7db455442e7cf
d4b4e202593a90bfc6727a8516a83a56471246ce4be2b5302aadf24f3b71d4c5
GET /Scripts/ClientGUI.js?v=262 HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 22:06:04 GMT
accept-ranges: bytes
etag: "0ae418235c5d71:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 43455
X-Firefox-Spdy: h2
livesupporti.com/Scripts/ajaxfileupload.js?v=2
148.72.152.101 200 OK 1.2 kB URL HTTP/2 livesupporti.com/Scripts/ajaxfileupload.js?v=2
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3102), with no line terminators
Hash ad6dee47e2ba4b760c09c51e08540f6f
7baf060c5c006558d835fc6e17b0d61938ca4303
620d64449242b119c3f8ee052064b61a333d8b182d447c1b2d96f4c787b1a014
GET /Scripts/ajaxfileupload.js?v=2 HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Wed, 25 Sep 2019 17:24:44 GMT
accept-ranges: bytes
etag: "0d61c1fc673d51:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 1231
X-Firefox-Spdy: h2
livesupporti.com/Scripts/jquery.client.js
148.72.152.101 200 OK 749 B URL HTTP/2 livesupporti.com/Scripts/jquery.client.js
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
Hash 44b4b3ab18a6389664bd5be97a7e09d0
885bffa2c84a8da0660450d3a05a3ce557f3efa8
88ed1039bd75cbe41deb3982b46c7f8b44df16c3f99e853a605f3582ec0b799a
GET /Scripts/jquery.client.js HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=2592000
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
last-modified: Mon, 18 Mar 2013 04:38:15 GMT
accept-ranges: bytes
etag: "80d58f679223ce1:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 749
X-Firefox-Spdy: h2
livesupporti.com/Images/Chat/agent-no-pic.png
148.72.152.101 200 OK 2.2 kB URL HTTP/2 livesupporti.com/Images/Chat/agent-no-pic.png
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 185c093a7fb496730a404648bd0acd5b
cfcac7f063d40aac6be9b42d5f785df297fdcc96
b90f5829872ba86f0f1427a21d6c849d6afc232e1ed39eeb16c8c3994f772b3c
GET /Images/Chat/agent-no-pic.png HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=691200
content-type: image/png
last-modified: Sun, 18 Jan 2015 12:47:30 GMT
accept-ranges: bytes
etag: "09dafeb1c33d01:0"
date: Sun, 27 Nov 2022 14:41:51 GMT
content-length: 2151
X-Firefox-Spdy: h2
niskerko.com/wp-content/uploads/2021/09/1x.svg
199.201.110.168 200 OK 5.3 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2021/09/1x.svg
IP 199.201.110.168:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (5324), with no line terminators
Hash 22d70e3d331445aa02ef1a1f1984878e
a75af47b851bbdcb5520dab9161ef129ff20d5b9
d24b7388cb3411bf7c9d39e4469e2e5328fae66bc9b1af259f5dd2f5b2dca73e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2021/09/1x.svg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: image/svg+xml
Content-Length: 5324
Connection: keep-alive
Last-Modified: Tue, 14 Sep 2021 11:14:57 GMT
Cache-Control: max-age=10368000
Expires: max-age=A10368000, public
Vary: Accept-Encoding,User-Agent
Accept-Ranges: bytes
niskerko.com/wp-content/uploads/2022/11/f4-4-300x300.jpg
199.201.110.168 200 OK 32 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/f4-4-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3405640a1a38dac985f7a350e93a67f5
7977857d67ee31f3bc47c60ec49bdab384f282c1
db029b0cc647360ef87eb1cccbd817a8b56917551984a76a105e4e59f360a2f5
GET /wp-content/uploads/2022/11/f4-4-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: image/webp
Content-Length: 31888
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Wed, 23 Nov 2022 12:57:38 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
172.64.202.28 200 OK 477 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
IP 172.64.202.28:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 6b4b32854ac85b2bb82abb8c7f140605
64fbbc526380ee5da5a67ea752548182b6546dac
1ab830cbf5a9436995c26e1bb5db4f50307a6c81e3898fc93a230b4572c24c87
GET /releases/v6.2.1/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: font/woff2
content-length: 150500
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
etag: "69a76555beae5c43a59559396c1aeb54"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 cba862420ea46057b8ffe4eda3fdb3b6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C1
x-amz-cf-id: rCI_Nl63Qi7Azv8lw0VqxxKG_lE00RgzgESQ-5JPFPdjiG5GPJOFmg==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5QnUR%2BDSa1KgDsnPO28%2FZAe0v8DmfJtHMcGUWLSifQ%2FJdIKmhLFzv0S1fSMdzFmJ3T2T59IQZ4h1gfK0uGRWNiyOn9J9c7SgT2OGl5xCNcKVQBlnwbKk6acxncpTe5vwqH09QAsjNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770ba0883ce68868-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niskerko.com/wp-content/uploads/2022/01/vertical-2-1.png
199.201.110.168 200 OK 11 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/01/vertical-2-1.png
IP 199.201.110.168:0
File type PNG image data, 160 x 600, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e12b620ab8e013bb1fd003ceabea12e
6b089d830c09e13be05cc1874c6ca1e8f51e3cb9
9a607a964df5828e77a6823bc71708bd7a5fd7d57713bccaebcb41c806adebc4
GET /wp-content/uploads/2022/01/vertical-2-1.png HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: image/png
Content-Length: 11449
Connection: keep-alive
Last-Modified: Sun, 27 Feb 2022 22:25:10 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
Vary: User-Agent,Accept
niskerko.com/wp-content/uploads/2022/11/Screenshot_20221123-203250-300x300.jpg
199.201.110.168 200 OK 9.7 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/Screenshot_20221123-203250-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e2930e8200ec67f2e05cb030959159c1
a6121545982038a81a4c7ba9c4f23fd1015e7363
f7fd2150cdcb21fa731d98e0a89ba1e1ce9e05ace6ca6141b0304de927cf911d
GET /wp-content/uploads/2022/11/Screenshot_20221123-203250-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: image/webp
Content-Length: 9692
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Wed, 23 Nov 2022 19:55:46 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
niskerko.com/wp-content/uploads/2021/11/10000-2.png
199.201.110.168 200 OK 20 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2021/11/10000-2.png
IP 199.201.110.168:0
File type PNG image data, 1000 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash e8ba5d9bc1620a8d7fe40cf1c8d1f863
c3a44380a2c6192f46b876165631bad4577cc82f
01dfce869838ead3eab8441efe4d62eba2a5a532600af0f16bb951c67e601704
GET /wp-content/uploads/2021/11/10000-2.png HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:51 GMT
Content-Type: image/png
Content-Length: 20265
Connection: keep-alive
Last-Modified: Sun, 27 Feb 2022 22:30:21 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
Vary: User-Agent,Accept
livesupporti.com/Views/ClientAjaxStub.htm
148.72.152.101 200 OK 609 B URL HTTP/2 livesupporti.com/Views/ClientAjaxStub.htm
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 5700fc1954bcd8813a8b70a8ccdaf6ad
76279e57491a46ac5eff9ac99b2abbc63837ce87
87808f658b4f4a081d1a939a5204a5f6e2020328a70e69249e20a58c42f2c83b
GET /Views/ClientAjaxStub.htm HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-encoding: gzip
last-modified: Sun, 10 May 2015 15:50:40 GMT
accept-ranges: bytes
etag: "0888010398bd01:0"
vary: Accept-Encoding
date: Sun, 27 Nov 2022 14:41:52 GMT
content-length: 609
X-Firefox-Spdy: h2
livesupporti.com/CometUtil/ClientResponseHandler.ashx?accId=0bebcce5-d5dc-4642-8457-a1d12564a7b0&isMessage=false&clrVersion=01d71b79-b5c3-44d0-9f35-d88c0c655cf4&rnd=x8d9d6m8d2y8p9o8q8n2o0n9e2g5q7t5&page=https%3A%2F%2Fniskerko.com%2F&isMobile=false&os=Windows%252010&refPage=&command=initialize
148.72.152.101 200 OK 1.3 kB URL HTTP/2 livesupporti.com/CometUtil/ClientResponseHandler.ashx?accId=0bebcce5-d5dc-4642-8457-a1d12564a7b0&isMessage=false&clrVersion=01d71b79-b5c3-44d0-9f35-d88c0c655cf4&rnd=x8d9d6m8d2y8p9o8q8n2o0n9e2g5q7t5&page=https%3A%2F%2Fniskerko.com%2F&isMobile=false&os=Windows%252010&refPage=&command=initialize
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
File type JSON data\012- , ASCII text, with very long lines (1347), with no line terminators
Hash c4bf64ce4edb33b5f4343a9709c33019
3641cd1bc2c1ee3b74653701a4b244f6e4a80c2e
2ba53845c7b1f8afefcf04166d6d8f008ad1566f95ea8fd30ca711a4cc521c97
GET /CometUtil/ClientResponseHandler.ashx?accId=0bebcce5-d5dc-4642-8457-a1d12564a7b0&isMessage=false&clrVersion=01d71b79-b5c3-44d0-9f35-d88c0c655cf4&rnd=x8d9d6m8d2y8p9o8q8n2o0n9e2g5q7t5&page=https%3A%2F%2Fniskerko.com%2F&isMobile=false&os=Windows%252010&refPage=&command=initialize HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: text/html; charset=utf-8
set-cookie: ASP.NET_SessionId=cmnh51a4n3v4yhcbmyxmceak; path=/; HttpOnly; SameSite=Lax
access-control-allow-origin: https://app.livesupporti.com
date: Sun, 27 Nov 2022 14:41:52 GMT
content-length: 1347
X-Firefox-Spdy: h2
niskerko.com/wp-content/uploads/2022/11/Screenshot_20221122-203421-300x300.jpg
199.201.110.168 200 OK 12 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/Screenshot_20221122-203421-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4eea7c1d9940865125b2888d165aa2b8
b91ca8ca62b93eaca7726c84130383cc253dc2bd
602e0be7faa28e273fa5a1d68e5e80057f1ccf71b6bd8146bf6122e840c1e0e4
GET /wp-content/uploads/2022/11/Screenshot_20221122-203421-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:52 GMT
Content-Type: image/webp
Content-Length: 11914
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Tue, 22 Nov 2022 19:55:02 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
niskerko.com/wp-content/uploads/2022/11/f1-3-300x300.jpg
199.201.110.168 200 OK 6.8 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/f1-3-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 311d85565f995285c0568d07ec658e0d
d53918f356e19fe1703e6df432e4bfbe2a787eec
7d89b22d6db9c016d9919e7bb8426c20b08db0963969cf9bd463b406e5a99cd6
GET /wp-content/uploads/2022/11/f1-3-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:52 GMT
Content-Type: image/webp
Content-Length: 6764
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Thu, 17 Nov 2022 12:30:23 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
niskerko.com/wp-content/uploads/2022/11/Screenshot_20221121-201842-300x300.jpg
199.201.110.168 200 OK 17 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/Screenshot_20221121-201842-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a997e8c8adde4f4a7752996d5bdf454d
b1e4f54160828826fe21da02f8fcb9ababbfe217
65f2b872eb0359afcba6b064578c1d8282092b1ed78278028bb5a343f201d1eb
GET /wp-content/uploads/2022/11/Screenshot_20221121-201842-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:52 GMT
Content-Type: image/webp
Content-Length: 17134
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Mon, 21 Nov 2022 20:14:18 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
niskerko.com/wp-content/uploads/2022/11/Screenshot_20221116-210132-300x300.jpg
199.201.110.168 200 OK 23 kB URL HTTP/1.1 niskerko.com/wp-content/uploads/2022/11/Screenshot_20221116-210132-300x300.jpg
IP 199.201.110.168:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d30deb75a4cc99c27d01361d8478d1e5
71c0333f5429391ce01282aaa6964bd0a20066be
f2c39be0ebddff6c02d92fe03e4e15809496316468059023057758cb25bc3959
GET /wp-content/uploads/2022/11/Screenshot_20221116-210132-300x300.jpg HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:52 GMT
Content-Type: image/webp
Content-Length: 23264
Connection: keep-alive
Vary: Accept,Accept-Encoding,User-Agent
Last-Modified: Wed, 16 Nov 2022 20:23:18 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=18a23a2b36
172.64.202.28 200 OK 6.1 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=18a23a2b36
IP 172.64.202.28:0
File type ASCII text, with very long lines (1560)
Hash ee1b3005d7e3b4f11af1451ff6664b43
9f1f8eef4ea2e90b46bbb80d8f7f684b25b8768f
1f1e6b3080d6beb14b80f89add8903eba935777c1644bb8ec55d558aa2525ce5
GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=18a23a2b36 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://niskerko.com/
Origin: https://niskerko.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 9QOLSU0Fy0s_mCZHj6YrwSwlfJIAxy-eRtPLM6hKBVlMk4fNzJlp3A==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpkfuBCWQersUyTgXsWZ0vOU7Nw6lvl3KUeR%2BT5jGpep6SiP6cx5tjFDYkhoU5afjdBfFT2uItJ6CceyWe5x%2BzRB5GtfL1N%2BrzDXUbMzR8KiaJ%2FEaaRjr%2B1ONLIoVg5ugfbb1RAANQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770ba08689858868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
niskerko.com/wp-content/uploads/2021/11/cropped-web-icon-32x32.png
199.201.110.168 200 OK 734 B URL HTTP/1.1 niskerko.com/wp-content/uploads/2021/11/cropped-web-icon-32x32.png
IP 199.201.110.168:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1426bcdfa3fc21b7596683528dc5605e
0b1c73526d9c7517238aaf1c21e7067e329efb83
ee86534f7a8b8fb3a5cd82af549c90252be9d866ed31573d0fee01504e5761fc
GET /wp-content/uploads/2021/11/cropped-web-icon-32x32.png HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:52 GMT
Content-Type: image/png
Content-Length: 734
Connection: keep-alive
Last-Modified: Mon, 15 Nov 2021 07:17:36 GMT
Accept-Ranges: bytes
Cache-Control: private, max-age=10368000
Expires: max-age=A10368000, public
Vary: User-Agent,Accept
niskerko.com/?wc-ajax=get_refreshed_fragments
199.201.110.168 200 OK 226 B URL HTTP/1.1 niskerko.com/?wc-ajax=get_refreshed_fragments
IP 199.201.110.168:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 033bf8a6b2f940ac35b4e216d2227793
8aff7e59481c51cbfa6aef9a9872802efa4f7f2c
5c187d8adff3c9ce5fef64fac2347efa453f3c05a646f60126da1ad271e441b3
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:53 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://niskerko.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: yay_currency_widget=1296; expires=Tue, 27-Dec-2022 14:41:53 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding,User-Agent
niskerko.com/?wc-ajax=get_refreshed_fragments
199.201.110.168 200 OK 226 B URL HTTP/1.1 niskerko.com/?wc-ajax=get_refreshed_fragments
IP 199.201.110.168:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 033bf8a6b2f940ac35b4e216d2227793
8aff7e59481c51cbfa6aef9a9872802efa4f7f2c
5c187d8adff3c9ce5fef64fac2347efa453f3c05a646f60126da1ad271e441b3
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:53 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://niskerko.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: yay_currency_widget=1296; expires=Tue, 27-Dec-2022 14:41:53 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding,User-Agent
niskerko.com/?wc-ajax=tinvwl
199.201.110.168 200 OK 119 B URL HTTP/1.1 niskerko.com/?wc-ajax=tinvwl
IP 199.201.110.168:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 233679525339dd0523af8e81bd7ee4ea
e4ce9b17dfeda567479c5e4a3a2ed7ee0cbd6a27
03bc02cdf0c0262ceaeefc23bb0a7ac8dc0e45b3b6e972a6fc35b29541b370c2
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=tinvwl HTTP/1.1
Host: niskerko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-WP-Nonce: ab522109a1
X-Requested-With: XMLHttpRequest
Content-Length: 49
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Cookie: yay_currency_widget=1296; PHPSESSID=f76e8f0bebadf0d25ebf07accf281965
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 14:41:53 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://niskerko.com
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: yay_currency_widget=1296; expires=Tue, 27-Dec-2022 14:41:53 GMT; Max-Age=2592000; path=/
Vary: Accept-Encoding,User-Agent
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f80a9a9b55da31c98663e157dde74a19
26b8dd82140c0db021048e11bff65a391dc6b444
680c39e4ea1d784db9831958942a64f3e83618dc443c8bcaa34223d85bb5b926
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbfe38fd9-0497-4ec8-8f57-1ba100e73fcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6859
x-amzn-requestid: 4a1b13ad-9455-401d-a914-c1ada2191977
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTHRroAMFR8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-4e5d630b23cdeb2e4b6d75d1;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qk03VFAQ1od0YzamiePUE8VQp9kBv_fy5gDUrVSlLGLSdn5v4JQbvw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 13:39:07 GMT
age: 3767
etag: "26b8dd82140c0db021048e11bff65a391dc6b444"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
livesupporti.com/CometUtil/ClientStreamHandler.ashx
148.72.152.101 200 OK 0 B URL HTTP/2 livesupporti.com/CometUtil/ClientStreamHandler.ashx
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
POST /CometUtil/ClientStreamHandler.ashx HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 374
Origin: https://livesupporti.com
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/html; charset=utf-8
expires: -1
set-cookie: ASP.NET_SessionId=1ynoeg0ntr1vkftfdluen4vm; path=/; HttpOnly; SameSite=Lax
x-xss-protection: 0
date: Sun, 27 Nov 2022 14:41:52 GMT
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=18a23a2b36
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=18a23a2b36
IP 172.64.202.28:0
GET /releases/v6.2.1/css/free.min.css?token=18a23a2b36 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://niskerko.com/
Origin: https://niskerko.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"2dbe34367e935e2684b01124b0860d71"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: und1gjGQ4F3yXbnlFTqEuDhgVLOhEmRmUTiBrP17S6vq5nxtPnIs_Q==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FqKo2kOZIDloPmXy9VJQhoo57zr82bjSnisol82mStgMW5g5jdtQ3V3BWIAVt7iG04K2qECgJq1OHA26FLse%2FauQR9%2BfEjDdCiWM33xbcZjjfvN%2FYtgrefXGWHcBTQ0YqPNlsGxKsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770ba08649358868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Montserrat%3Awght%40400%3B600%3B700&display=swap&ver=6.1.1
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat%3Awght%40400%3B600%3B700&display=swap&ver=6.1.1
IP 142.250.74.10:0
GET /css2?family=Montserrat%3Awght%40400%3B600%3B700&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 14:41:49 GMT
date: Sun, 27 Nov 2022 14:41:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kit.fontawesome.com/18a23a2b36.js
104.18.22.52 200 OK 0 B URL HTTP/2 kit.fontawesome.com/18a23a2b36.js
IP 104.18.22.52:0
GET /18a23a2b36.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://niskerko.com
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:49 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyfXtnHz6hBa4zoBEBjj
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 770ba07d8c900b59-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=18a23a2b36
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=18a23a2b36
IP 172.64.202.28:0
GET /releases/v6.2.1/css/free-v4-shims.min.css?token=18a23a2b36 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://niskerko.com/
Origin: https://niskerko.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0ea2ca4542be08b5610e21d1ffd6aa5a.cloudfront.net (CloudFront)
x-amz-cf-pop: MAN50-C1
x-amz-cf-id: sH-cY-rypPAKADXDbVJOq2KmjEXfQorHudftSyX2YUBLNV1s02k-Jw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pcEqlxCUcrL9502wlDJKMuR%2BWJIC61tOh66ury9Skt6nZ9kjT7IDLWhkK5d1pzQa2YVFrf0CjKPPkNhToiSD8K%2Blicn6djPj36E%2BfBuVHcHJOzDx9pOrTachZU3942SCj7%2FmPLD36w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770ba08679688868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=18a23a2b36
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=18a23a2b36
IP 172.64.202.28:0
GET /releases/v6.2.1/css/free-v5-font-face.min.css?token=18a23a2b36 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://niskerko.com/
Origin: https://niskerko.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:51 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"15e2713dff942747406520edde3fd0bf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 ed393405ff603a61a1e63909cf1c1a44.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: tYEQ0d4V6T1P3gMUoBMxPeZwm_c-93Vsj6YizWDv2UEDGTe7DleF9g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CW7PA2bDzfD6Ee0fRCUG4CLt8nBjWaZZ%2F1abLlarmSIPRyZS6pQTS42aQOgXAdockWKor7VE7H8MCcHtn2H0QTKwe9ioqzU78Jn3xkfFAGjJpjtEWtvB3NxqiLa3lOQUD34oC7RYDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770ba086796b8868-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
livesupporti.com/Util/ChatSettingsHandler.ashx?act=chatLngByAccount&accCode=0bebcce5-d5dc-4642-8457-a1d12564a7b0&rnd=v6e8h8o7j3w9h1c6l6q8a4b8n3y4p6c8&lngCode=sq
148.72.152.101 200 OK 0 B URL HTTP/2 livesupporti.com/Util/ChatSettingsHandler.ashx?act=chatLngByAccount&accCode=0bebcce5-d5dc-4642-8457-a1d12564a7b0&rnd=v6e8h8o7j3w9h1c6l6q8a4b8n3y4p6c8&lngCode=sq
IP 148.72.152.101:0
ASN #30083 AS-30083-GO-DADDY-COM-LLC
GET /Util/ChatSettingsHandler.ashx?act=chatLngByAccount&accCode=0bebcce5-d5dc-4642-8457-a1d12564a7b0&rnd=v6e8h8o7j3w9h1c6l6q8a4b8n3y4p6c8&lngCode=sq HTTP/1.1
Host: livesupporti.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://livesupporti.com/Views/clientGUI.htm?location=https://niskerko.com/&acc=0bebcce5-d5dc-4642-8457-a1d12564a7b0&lng=sq&os=Windows%2010&mobile=false&popup=false&ref=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: private
access-control-allow-origin: https://app.livesupporti.com
date: Sun, 27 Nov 2022 14:41:52 GMT
X-Firefox-Spdy: h2
unpkg.com/aos@2.3.1/dist/aos.js
104.16.126.175 200 OK 0 B URL HTTP/2 unpkg.com/aos@2.3.1/dist/aos.js
IP 104.16.126.175:0
GET /aos@2.3.1/dist/aos.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://niskerko.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 14:41:49 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"379f-cNv9OKDx/DsafZ+tq1h4ZITDTxc"
via: 1.1 fly.io
fly-request-id: 01F3YGTK14BN7YR0KMC99B0BKK
cf-cache-status: HIT
age: 18870885
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 770ba07e595e0b45-OSL
content-encoding: br
X-Firefox-Spdy: h2