r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b720c31d9c036cd2ef10e35fa29f5345
ac625d2e69284e5080bede4b37c31af62c26338b
323b76eceb5d3ad339a1c55bfa7eea4e39741258e08d5005b691f712a9e9c81c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323B76ECEB5D3AD339A1C55BFA7EEA4E39741258E08D5005B691F712A9E9C81C"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5446
Expires: Sat, 05 Nov 2022 00:57:28 GMT
Date: Fri, 04 Nov 2022 23:26:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cd02b32dbc8416dcb10b468af2166c33
503a9c4cabdb19dfde769f5e2d3ef919c818c364
46ca638514d9d4cf252762fdac37a5e7b1da550fcc9911070b0b26a6aa6150a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2415
Cache-Control: max-age=125078
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:42 GMT
Etag: "6364dbd9-1d7"
Expires: Sun, 06 Nov 2022 10:11:20 GMT
Last-Modified: Fri, 04 Nov 2022 09:31:05 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f3527f898221f8ba6b5015f6decc100
ead93baa0e9d3a6297be3377dc3a624e5a3f509a
73a068f907cc50dd60af18d545b4264dd44bc4b9f40bf9adfceea157fdc33099
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "73A068F907CC50DD60AF18D545B4264DD44BC4B9F40BF9ADFCEEA157FDC33099"
Last-Modified: Thu, 03 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8914
Expires: Sat, 05 Nov 2022 01:55:16 GMT
Date: Fri, 04 Nov 2022 23:26:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1NEjO4bGDIgSQps9Nhc82b5S7a8QBabkoZyFG9GeO5q/KSdKciyiC7uuNqdCpPpqdG9COjHXxtc=
x-amz-request-id: 452NGJJK81JN4Q4H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 04 Nov 2022 23:09:46 GMT
age: 1016
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 04 Nov 2022 23:26:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
198.54.126.9301 Moved Permanently 0 B URL HTTP/1.1 vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
IP 198.54.126.9:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /urr/LP/uC/3XFf2xTT.zip HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
date: Fri, 04 Nov 2022 23:26:42 GMT
server: Apache
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-tag: ea2_HTTP.404,ea2_HTTP.301
x-redirect-by: WordPress
location: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
content-length: 0
content-type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 42a0adacced30df52cf7cad3e200036d
f7b4114defc61f806dbb74fd228bca155d52362a
e4928481739a2a75dce86c03b355c6dff507426e8d851cba5ca8537b1be87c20
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5772
Cache-Control: max-age=123376
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:43 GMT
Etag: "6364c817-1d7"
Expires: Sun, 06 Nov 2022 09:42:59 GMT
Last-Modified: Fri, 04 Nov 2022 08:06:47 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7uf1bokdqmnlogqJt/Qc/A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: aCurnzsubZ6yoCyr5gy4mxgryaQ=
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8fb61ef8da1b15ce0b0794d4c8ef93e0
13e76903291e8c92c37f3a1d579cc689ad32eaf2
6f99954175f03049efb2c62042ef836e9619d8cf6391524b6137ced5cba98741
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 04 Nov 2022 23:26:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 01 Nov 2022 22:57:12 GMT
Expires: Tue, 08 Nov 2022 22:57:11 GMT
Etag: "13e76903291e8c92c37f3a1d579cc689ad32eaf2"
Cache-Control: max-age=343227,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76511dc37b45b51b-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5099
Expires: Sat, 05 Nov 2022 00:51:43 GMT
Date: Fri, 04 Nov 2022 23:26:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5099
Expires: Sat, 05 Nov 2022 00:51:43 GMT
Date: Fri, 04 Nov 2022 23:26:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5099
Expires: Sat, 05 Nov 2022 00:51:43 GMT
Date: Fri, 04 Nov 2022 23:26:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ee5640e4bbe5e2c0dd4aa0698a3ce62
a175340e4e1a0a2e3d33fa5b113e3990e5a6dfef
938899f21fdf4e477f02c6f7f32cbed05bb1df35e3b221c3a37e8c214b2dc946
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "938899F21FDF4E477F02C6F7F32CBED05BB1DF35E3B221C3A37E8C214B2DC946"
Last-Modified: Thu, 03 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5099
Expires: Sat, 05 Nov 2022 00:51:43 GMT
Date: Fri, 04 Nov 2022 23:26:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 683264508686ad18ae519baac54d3b05
1897c9fcad301764736ab867491beb18526af153
e8beb5d336ca424e36725ab87b98b4dedcf32a5b01c43b9c06363a7be25522fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff202f1f7-a6da-431c-9f04-b00a53780a8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: df2c5b88-0444-44b1-81ef-04e565d25b36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bAS--GiUoAMFTjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636331f9-0ec90f4d5f0c6fcf2d6e4a8b;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 03:14:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7CdkFTu--etXnoftDB8IYx3G6NIDBbKNiomZXVQQpr8et2Qh9yUGoQ==
via: 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 03:37:09 GMT
age: 71375
etag: "1897c9fcad301764736ab867491beb18526af153"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2ae2b8d827fb2c8bef64febcd36f1645
f7705fcd2d91ce90c58e79324cce1e3abba6c1c8
2dc55e97ef3a85fccb104b80161a8bac16b12d37527c336563677432584c7ad5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3494b1e3-ddc8-454c-8b43-e70e2d8f07b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11421
x-amzn-requestid: 80f2a46c-6682-4160-b896-eeaa366dbab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKNF4SoAMFn5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-5a5517d005ec7a7d1507b58e;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gdqoswTMqjrfyzzY-103agxLH8ak-rFsCId29eoLOF6WHgFmd04K7g==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 08:24:41 GMT
age: 54123
etag: "f7705fcd2d91ce90c58e79324cce1e3abba6c1c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1799c94891598120fab550073379516
ed51b7d2c443aec199c1605b5ebe2e1e25f287a3
5f3f2ffdc992d917d8d3b5890c0ad9810b9699c38e932c0d4d32625346eb87a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9ee7867-cfc1-4e91-8bfe-c86e9e0369d8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6228
x-amzn-requestid: 788a9f03-5b3f-446c-a02c-844fe2f07221
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ameKPFJAoAMFy1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6358dd74-15bffc073dae60355b484cbb;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 07:10:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YN9fqqZ0ZqpXcYQZbi5MXAL2e_jd5aW3qdbsqLUGR7Rhj5-QvP1VxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:14 GMT
age: 3990
etag: "ed51b7d2c443aec199c1605b5ebe2e1e25f287a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ee20d59c5ac266f8eb9c47057271a10
61dc4e78907f114519ff3fdd3c806b36557ab744
2cba117cfe96fa5e1b53981f98d42eb3e5f956083c3435a1d44d1d40784614bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3819323-4f77-4bb2-bbbb-6926d5bc62aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11427
x-amzn-requestid: 0dcc7ef4-d7fa-492e-8ddf-4342b4bc44e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHxJGJZoAMFWlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6365866d-7c3de2ed509a640f37c52843;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gAHLlJ0JzB6TfEUNw_sCNmrjMK-EX1hZbCY34i99xQok7R-wvcpqug==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:59:04 GMT
age: 5260
etag: "61dc4e78907f114519ff3fdd3c806b36557ab744"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1fc9b492d6cc0a516998cec9fa5dc2a0
1082e5e96362a4960929c59ff1d4d995cb28f40d
3dc82302d8615c615526cc9a828844d291d775d05ff7174f8d6b82b7172b2908
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F621f6bc7-a17b-4b8f-95ef-65d27abd5513.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9006
x-amzn-requestid: 1a0ea36b-a610-485c-be62-b6950288afbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGIVGGG7oAMFXJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658753-2fc408853092bf61646b7584;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:42:43 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xdg0glkctHhh3-kmb8HhwEnYjcxchpOLF4DrDIkICI7fSiHpIRPKIw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 22:20:07 GMT
age: 3997
etag: "1082e5e96362a4960929c59ff1d4d995cb28f40d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0453d131-50e3-4ed1-9eca-d50f3a35aac9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0453d131-50e3-4ed1-9eca-d50f3a35aac9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 28e9689b11b8d4027ca06e75b4768239
b9762da0cfd3d775a241d2614df355e208a624cc
94dbd9594a3b9db3b6c01a99dae442e8c3447171b739cabe995ffa4aee9b33af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0453d131-50e3-4ed1-9eca-d50f3a35aac9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10361
x-amzn-requestid: b786d01a-4389-4b21-a0f2-8f2ec3c613fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bGHlcFRDoAMFXiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63658622-291c68e7793e8bbb52ffc126;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 21:37:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v70Ibq2VAtXUZ_c9BvOVRefDtv5f4Tik5Ou8NClRQ7ThTHioV0SNJA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Fri, 04 Nov 2022 21:49:43 GMT
age: 5821
etag: "b9762da0cfd3d775a241d2614df355e208a624cc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/232d50bb73d755cf33c822fcc110e37d.js?ver=b7096
198.54.126.9200 OK 2.9 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/232d50bb73d755cf33c822fcc110e37d.js?ver=b7096
IP 198.54.126.9:0
File type ASCII text, with very long lines (9936)
Hash d65753c11b4924719adf5f775445b98b
111aa5ed6be1380ed7f6559993defeb664ac8dee
8fe0876c8852da6ec064d502877a2ca759dc5c47d8dade5a91604750f091d846
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/232d50bb73d755cf33c822fcc110e37d.js?ver=b7096 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2941
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/777d7489be5e8a81d746388ea10cf69f.js?ver=88eb3
198.54.126.9200 OK 4.2 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/777d7489be5e8a81d746388ea10cf69f.js?ver=88eb3
IP 198.54.126.9:0
File type ASCII text, with very long lines (11125)
Hash 414e47d6d1f683dd91d095d646c9a35b
77892a7a89818ce578dd8e14b8494ffbdd145086
d783d7bbbf94eaaa8ae7c123e9efce60d1c1056094241425f6285a0ef06a0862
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/777d7489be5e8a81d746388ea10cf69f.js?ver=88eb3 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4169
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/ce4ec659fc6e21c85d4e9306db1d62fc.js?ver=f9c2f
198.54.126.9200 OK 7.1 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/ce4ec659fc6e21c85d4e9306db1d62fc.js?ver=f9c2f
IP 198.54.126.9:0
File type Unicode text, UTF-8 text, with very long lines (8188)
Hash df4a807518f8fdd4cbb660988aa82e38
98bc1b9bf7e9d624aa9f57aa3e4b0a50dad49dce
f2da913b4be4035b4b512bd4b335aea32aa59362fdcb97767475d16f65af9c19
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/ce4ec659fc6e21c85d4e9306db1d62fc.js?ver=f9c2f HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7098
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/66226184c909466dbfc8177ee8bc706e.js?ver=b1e8b
198.54.126.9200 OK 1.1 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/66226184c909466dbfc8177ee8bc706e.js?ver=b1e8b
IP 198.54.126.9:0
File type ASCII text, with very long lines (3223)
Hash 17d6029c09df7e166d699cf9f3962185
0f119441465fb731ef95f16479d8eb9ab6097d69
79b27797a21b79eef21c37c44d8eb4b9f36a9cf797982ef505cbb8d994211693
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/66226184c909466dbfc8177ee8bc706e.js?ver=b1e8b HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1086
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/ac7fd40297a93db433263adbfad5bdea.js?ver=f29ad
198.54.126.9200 OK 2.1 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/ac7fd40297a93db433263adbfad5bdea.js?ver=f29ad
IP 198.54.126.9:0
File type ASCII text, with very long lines (6295)
Hash a09ad330cf1262081f435a86ae8da151
881e574a522dffde7bcf9c924e8e39a8d949968f
9c30d766cd5e4879b6b1bbbe4d54cca2444a038156979a20477b1e7b10d0cb97
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/ac7fd40297a93db433263adbfad5bdea.js?ver=f29ad HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2101
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/fa246a9471b5ecb84eb8eb8c9667bdbc.js?ver=ce4ea
198.54.126.9200 OK 4.0 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/fa246a9471b5ecb84eb8eb8c9667bdbc.js?ver=ce4ea
IP 198.54.126.9:0
File type HTML document, ASCII text, with very long lines (12309)
Hash 7846ec5d3cc2df0a1838d9fa9eaae555
a725aef15a5d7b6fd83e50004e7d821ddc34f7a2
feaa6e121292f4fe0cccc951c4ff3a946d64b917df789488de98add2c4569142
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/fa246a9471b5ecb84eb8eb8c9667bdbc.js?ver=ce4ea HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3961
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
198.54.126.9200 OK 31 kB URL HTTP/2 vinayakinterior.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 198.54.126.9:0
File type ASCII text, with very long lines (65447)
Hash 1b5264c989379b828aff60f65a518a24
98641237f14ccb33ac114f54329a33bd0aa17eb7
6c8e7b78c6dbc13426810c905572db7589cf3e00264e30ce797fddb0b1092237
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 04:36:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 30995
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/788b7b9082c41bc93c2269c32011adfb.js?ver=6225e
198.54.126.9200 OK 6.6 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/788b7b9082c41bc93c2269c32011adfb.js?ver=6225e
IP 198.54.126.9:0
File type HTML document, ASCII text, with very long lines (25273)
Hash 1fb5063e4f070677dde590237ac49efb
8de7bd68e01d78718524659ffe706dbe9001c728
16b7913c76fe259f856f1203b014c3ee96120e4169d47435ba3cb2bdf7f39009
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/788b7b9082c41bc93c2269c32011adfb.js?ver=6225e HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6564
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/458c0631d31ec6d0df55d294aaa74d8a.js?ver=1e4fa
198.54.126.9200 OK 3.9 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/458c0631d31ec6d0df55d294aaa74d8a.js?ver=1e4fa
IP 198.54.126.9:0
File type ASCII text, with very long lines (11759)
Hash c6cc60ef915e1e6da552918e1a4640ad
73f2fbc34c853d9dfcf0e78ac24b326ec95185e8
04d2433b5f5ef2da1123eb9682f01e8e1e80a021a093c78709db07e942b80f66
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/458c0631d31ec6d0df55d294aaa74d8a.js?ver=1e4fa HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3916
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/e71884b96e501b25c6ff2e9ef442bdb3.js?ver=65363
198.54.126.9200 OK 594 B URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/e71884b96e501b25c6ff2e9ef442bdb3.js?ver=65363
IP 198.54.126.9:0
File type ASCII text, with very long lines (924)
Hash 1efcc5611e22475d7b100eee8a23f2ec
d32f38c6d3025539dc46f1b276dd94def1eb4541
bf5257dd898a03e1ef733701a9585c1c48dc72385e89c8fa4bb834a461d25d6b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/e71884b96e501b25c6ff2e9ef442bdb3.js?ver=65363 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 594
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
198.54.126.9404 Not Found 26 kB URL HTTP/2 vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
IP 198.54.126.9:0
Hash 1bdacc83028d0eea930af49ed038c10d
bb365ca31ef769c8100d481b1b6f03a614022f71
8ad12f95bc258a1549f201f0718ddd1287076bfd1d7cdceed58330f253d619e1
Analyzer Verdict Alert fortinet Malware
GET /urr/LP/uC/3XFf2xTT.zip HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Fri, 04 Nov 2022 23:26:43 GMT
server: Apache
x-powered-by: PHP/7.2.34
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://vinayakinterior.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-tag: ea2_HTTP.404,ea2_404,ea2_URL.b0ea6938954d5a099b790ac860924e31,ea2_,ea2_MIN.079515185260ec1c1f337d1b57b1493c.css
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/835c8700f8bc6413a1e37a0626314624.js?ver=024bf
198.54.126.9200 OK 559 B URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/835c8700f8bc6413a1e37a0626314624.js?ver=024bf
IP 198.54.126.9:0
File type ASCII text, with very long lines (1722)
Hash 3dcf65e3088937f62abf0c2e277dcb70
f5dd8aaee1c4864ea22167f3225a61620d828262
ced6bd6a9e9a95afda9df7d8325057e0697fe2cb862d4902751cbf07959e894f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/835c8700f8bc6413a1e37a0626314624.js?ver=024bf HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 559
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/7fe3944317d3142b2e48ae83a2db2658.js?ver=9625d
198.54.126.9200 OK 1.1 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/7fe3944317d3142b2e48ae83a2db2658.js?ver=9625d
IP 198.54.126.9:0
File type ASCII text, with very long lines (1212)
Hash 73806a4515ec41e7f036fadd0f100b08
44a214b9628bf97146a1f96f7ad7adafbb24b1c9
c9d7fbf1544280a7a97e0585533adce9452520d29647fd60b5227faf2df7b0c0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/7fe3944317d3142b2e48ae83a2db2658.js?ver=9625d HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1121
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/76c462a4206e0989bc3f2bbc4714bea1.js?ver=249ed
198.54.126.9200 OK 12 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/76c462a4206e0989bc3f2bbc4714bea1.js?ver=249ed
IP 198.54.126.9:0
File type ASCII text, with very long lines (52319)
Hash 0db3ec544b6b9f421a23ad6d5241e92a
d9dde2269156f071ab8d3b8d66ce0aa95f928a73
454582690208a801a6d689076860ffb89d12f35309c324ddcdf944ffd3ec05fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/76c462a4206e0989bc3f2bbc4714bea1.js?ver=249ed HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12371
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/573dbe1e7803af8b37cfccd23493fdb3.js?ver=a3adc
198.54.126.9200 OK 6.5 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/573dbe1e7803af8b37cfccd23493fdb3.js?ver=a3adc
IP 198.54.126.9:0
File type Unicode text, UTF-8 text, with very long lines (17818)
Hash 80159fc390c3d857a9f86f45a29f9c3a
dc01b5cb5e47c655370a7aa7a14f114ebae1df4c
0fc3147f17cc859dd7a0211672e88419514b572bc501699e3e85f637e04b6188
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/573dbe1e7803af8b37cfccd23493fdb3.js?ver=a3adc HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6535
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/3aaf75abdd1fb2c812247bec3840046a.js?ver=0046a
198.54.126.9200 OK 510 B URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/3aaf75abdd1fb2c812247bec3840046a.js?ver=0046a
IP 198.54.126.9:0
File type ASCII text, with very long lines (999)
Hash 8e967fd1e12293cc5d046725bf5a2542
4c68b03bc0907a6832021d02e002fd320fdbe3cd
678014358ba1a4271e5934c8291e21414e80a605fd14354ad0ee41472745f01b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/3aaf75abdd1fb2c812247bec3840046a.js?ver=0046a HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 510
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/f9ae3f454036f91e66f7696a72411041.js?ver=11041
198.54.126.9200 OK 541 B URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/f9ae3f454036f91e66f7696a72411041.js?ver=11041
IP 198.54.126.9:0
File type ASCII text, with very long lines (809)
Hash 26c34aa3f00838538b83e7011017a3d3
e1947843a88729bf153f4025eceafc60b09ca165
c033aaa9c34311736f6896a0a74c2f39a74c0fb93560df6da92c8eef39d33c13
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/f9ae3f454036f91e66f7696a72411041.js?ver=11041 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 541
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/03524a951cad2c2082f17ed644fb3968.js?ver=00668
198.54.126.9200 OK 9.4 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/03524a951cad2c2082f17ed644fb3968.js?ver=00668
IP 198.54.126.9:0
File type ASCII text, with very long lines (2125)
Hash 61a7e58a56d9cf71038be8358152b897
efe84a9b1259cf732c74c4fdab936e11dcafebd1
1bbd716ab22b08e2ae6775dd7f1629f2141cfdcc22a7ff98cb49f468a3f1b4fd
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/03524a951cad2c2082f17ed644fb3968.js?ver=00668 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9366
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/js/d200057e65f6bafe2e968552b0e0ce5e.js?ver=75a8b
198.54.126.9200 OK 53 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/d200057e65f6bafe2e968552b0e0ce5e.js?ver=75a8b
IP 198.54.126.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 963ebf63c8d3fd214be6615e9f8c31c5
692f85610fb67ed83c8e70b74274244bb1968653
9a39280667c8440b17b11c92d641ff08d193e3ec76c0d66fb76a68448f223f8f
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/d200057e65f6bafe2e968552b0e0ce5e.js?ver=75a8b HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 52880
content-type: application/javascript
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtF.ttf
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtF.ttf
IP 216.58.207.195:0
File type TrueType Font data, 12 tables, 1st "GPOS", 8 names, Microsoft, language 0x409\012- data
Hash c2172a94bd5187860cd59ea3a4fe7e0b
301b7fb1ff8c5f6ba7da7d91886a487567766850
984667ca605aad51492ad4df97ba583d5dc3585c85c97b62fafaea8fca262d4c
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtF.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vinayakinterior.com
Connection: keep-alive
Referer: https://vinayakinterior.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11492
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 17:25:07 GMT
expires: Fri, 03 Nov 2023 17:25:07 GMT
cache-control: public, max-age=31536000
age: 108099
last-modified: Wed, 27 Apr 2022 16:07:03 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/litespeed/css/079515185260ec1c1f337d1b57b1493c.css?ver=dd53f
198.54.126.9200 OK 99 kB URL HTTP/2 vinayakinterior.com/wp-content/litespeed/css/079515185260ec1c1f337d1b57b1493c.css?ver=dd53f
IP 198.54.126.9:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b481421955133c999fd2e4fae1bdd67a
71fdd6cbb9044af8d2521d892556a925fde38064
6df95c2e28177a8966541408ecd0a149ea3c0e82db6633ad058cf2de3a385ff0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/css/079515185260ec1c1f337d1b57b1493c.css?ver=dd53f HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Wed, 02 Nov 2022 07:46:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
X-Firefox-Spdy: h2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf
IP 216.58.207.195:0
File type TrueType Font data, 18 tables, 1st "GDEF", 8 names, Microsoft, language 0x409\012- data
Hash e6375c7b52e93bc0067d514a474a8702
437bd051c80323e8dd14d203a83d328728cc8a9a
e992e2b55cf0ff47c87a416c16e169e7f7be0c94cf2afefd600ee1e3b2fef286
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7CA.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vinayakinterior.com
Connection: keep-alive
Referer: https://vinayakinterior.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20758
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 01 Nov 2022 23:16:42 GMT
expires: Wed, 01 Nov 2023 23:16:42 GMT
cache-control: public, max-age=31536000
age: 259804
last-modified: Tue, 19 Apr 2022 18:51:53 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 656a355c6cb333c5554fa65748d3d165
15e6dc206e412e258ca49e2eec46e67b831ea4a6
3bdcb16737f73a6985f7cfe3b221882d91b27ab3ec6f940f14477f94a0e40720
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vinayakinterior.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
198.54.126.9200 OK 5.0 kB URL HTTP/2 vinayakinterior.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1
IP 198.54.126.9:0
File type ASCII text, with very long lines (15660)
Hash e6624e0b978e6ddba476be41aaaa82df
822e920d8233072110ed7c8a7f379e5b13209b18
dac86a9ce08e4d8cded47b4fa900a664b0c997d8910c2a1be54a423678925a41
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:46 GMT
server: Apache
last-modified: Thu, 04 Aug 2022 07:23:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5009
content-type: application/javascript
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/themes/YugTechnology/fonts/mfn-icons.woff?23391439
198.54.126.9200 OK 81 kB URL HTTP/2 vinayakinterior.com/wp-content/themes/YugTechnology/fonts/mfn-icons.woff?23391439
IP 198.54.126.9:0
File type Web Open Font Format, TrueType, length 80636, version 1.0\012- data
Hash 3da843d15ed5d4d39e269cfbad8345fb
1d915a3fd051f9e9cf6f545dfe31939fdb368738
f6134456d89988ada75cfdf21df40c6abdccccf01b48a669add0223f3fa38ec4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/YugTechnology/fonts/mfn-icons.woff?23391439 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://vinayakinterior.com/wp-content/litespeed/css/079515185260ec1c1f337d1b57b1493c.css?ver=dd53f
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:46 GMT
server: Apache
last-modified: Thu, 04 Aug 2022 07:23:31 GMT
accept-ranges: bytes
content-length: 80636
content-type: font/woff
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
142.250.74.163200 OK 162 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (590)
Size 162 kB (162282 bytes)
Hash 05e06c50dab6f3d7f8bfde22301888db
64b3c20c788d298a672fabf9627eac914d95ed08
95176711feca1110e764a31e36764d5b331b033ed56fb372b42250329b33e1d6
GET /recaptcha/releases/Ixi5IiChXmIG6rRkjUa1qXHT/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vinayakinterior.com
Connection: keep-alive
Referer: https://vinayakinterior.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162282
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Nov 2022 22:23:25 GMT
expires: Sat, 04 Nov 2023 22:23:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 31 Oct 2022 04:02:45 GMT
content-type: text/javascript
age: 3801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
vinayakinterior.com/wp-content/uploads/2022/10/vinayak_logo_-_Copy-removebg-preview.png
198.54.126.9200 OK 53 kB URL HTTP/2 vinayakinterior.com/wp-content/uploads/2022/10/vinayak_logo_-_Copy-removebg-preview.png
IP 198.54.126.9:0
File type PNG image data, 251 x 251, 8-bit/color RGBA, non-interlaced\012- data
Hash e679efadb57b527fd141a1cc92b046d3
961c24d8e835c13cb898864ec44024033ce858c9
8e9c9269c01f55e5b59ad8002caacb6798aec93ad02049b62a543829007c8b03
GET /wp-content/uploads/2022/10/vinayak_logo_-_Copy-removebg-preview.png HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:46 GMT
server: Apache
last-modified: Sat, 15 Oct 2022 08:02:29 GMT
accept-ranges: bytes
content-length: 53437
content-type: image/png
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5de5a7ee16d3f3164758282fbecef0a3
82fb2ac7d306e1f9724adc0ba2ef9e549baa9100
ad55f91c5fb1f872310a5f5777a65b79a338138d241a674449da2e0edde1f2ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDsWsgAAAAANIDFgpQq2hHdNVmkyCbXFy6Oi43&co=aHR0cHM6Ly92aW5heWFraW50ZXJpb3IuY29tOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=xialil1qu01o
142.250.74.164200 OK 22 kB URL HTTP/2 www.google.com/recaptcha/api2/anchor?ar=1&k=6LdDsWsgAAAAANIDFgpQq2hHdNVmkyCbXFy6Oi43&co=aHR0cHM6Ly92aW5heWFraW50ZXJpb3IuY29tOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=xialil1qu01o
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (35110)
Hash c0656566e6c9afa789daab5add120c85
a7dddb649bc7c8206d8a3e9cdc8f538e32b3a625
1c1b7215805891e5b7995978d75b5e887c703112fbdd6fa25ba054125c0f7e94
GET /recaptcha/api2/anchor?ar=1&k=6LdDsWsgAAAAANIDFgpQq2hHdNVmkyCbXFy6Oi43&co=aHR0cHM6Ly92aW5heWFraW50ZXJpb3IuY29tOjQ0Mw..&hl=en&v=Ixi5IiChXmIG6rRkjUa1qXHT&size=invisible&cb=xialil1qu01o HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Nov 2022 23:26:46 GMT
content-security-policy: script-src 'nonce-DrN0GPlmFzwXrT51JJ-6GQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 22462
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4a9066e8faeec7f06d9a7e91bef8ff52
699ce1c29412a4c3f9018f4deceb3db399ddcd29
46461d19bf1ea06f23d89c4179135eaca9d7c8753a91e913b3adaf2615bee36f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 04 Nov 2022 23:26:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vinayakinterior.com/wp-content/litespeed/js/b297ae3bcebec36ae7ae5804911cb714.js?ver=2fdd1
198.54.126.9200 OK 0 B URL HTTP/2 vinayakinterior.com/wp-content/litespeed/js/b297ae3bcebec36ae7ae5804911cb714.js?ver=2fdd1
IP 198.54.126.9:0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/litespeed/js/b297ae3bcebec36ae7ae5804911cb714.js?ver=2fdd1 HTTP/1.1
Host: vinayakinterior.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vinayakinterior.com/urr/LP/uC/3XFf2xTT.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 04 Nov 2022 23:26:45 GMT
server: Apache
last-modified: Fri, 04 Nov 2022 23:26:44 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2460
content-type: application/javascript
X-Firefox-Spdy: h2