linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
81.177.141.11 200 OK 2.9 kB URL HTTP/2 linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
IP 81.177.141.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (643), with CRLF, LF line terminators
Hash 1f8ade7913a1e58ce36b3281cff99330
81f570e82acc606e85c7de257ac0bf540ac44a04
767d303ea63018a9cf53a63530dda65b3e9d251cf9e36e643d62b500a08be2fe
Analyzer Verdict Alert openphish Credit Agricole S.A.
fortinet Phishing
quad9 Sinkholed
GET /yajgev01/wp-tech01/gen/irYG6ATrgUk3 HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: text/html; charset=UTF-8
content-length: 2890
server: Jino.ru/mod_pizza
set-cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82; expires=Mon, 30-Jan-2023 17:41:43 GMT; Max-Age=10800; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8532
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 14:41:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12438
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 14:41:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 13:43:12 GMT
content-type: application/json
age: 3511
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7674
Expires: Mon, 30 Jan 2023 16:49:37 GMT
Date: Mon, 30 Jan 2023 14:41:43 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2doUzJuicRD1QlkDzRILDYyuldWPvClMxAKKUnmmtZknTKHJUSNLZx1DyW15Vzb91Si1XnOBTeM=
x-amz-request-id: XG65Z69D1768WJKM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 14:21:49 GMT
age: 1194
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
linkler.ru/css/bootstrap.css
81.177.141.11 200 OK 25 kB URL HTTP/2 linkler.ru/css/bootstrap.css
IP 81.177.141.11:0
File type Unicode text, UTF-8 text, with very long lines (560)
Hash 4685db8bb8804c47b753fe841951f2f5
8e30fe82f088cbf32af8816321af742ec9798c86
40883e4620a1654fdd7f3e1e97a4ee4975c5c29ae563e6ba30d63b225ec03f83
Analyzer Verdict Alert quad9 Sinkholed
GET /css/bootstrap.css HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: text/css
content-length: 25318
server: Jino.ru/mod_pizza
last-modified: Mon, 18 Oct 2021 18:18:27 GMT
etag: "165063c-2fc78-5cea49245e38b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/fancybox-master/dist/jquery.fancybox.min.css
81.177.141.11 200 OK 3.1 kB URL HTTP/2 linkler.ru/fancybox-master/dist/jquery.fancybox.min.css
IP 81.177.141.11:0
File type ASCII text, with very long lines (12795), with no line terminators
Hash 18b46dae08e98971b16123ea48913d23
e0a1aa82445a38538413b488924613c44861c59d
62c06f2ea24cfdf0003164fca05560cc8b5333f6ef312016458e05ecbb7c8f62
Analyzer Verdict Alert quad9 Sinkholed
GET /fancybox-master/dist/jquery.fancybox.min.css HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: text/css
content-length: 3096
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:20 GMT
etag: "1650d28-31fb-5ce8e7bc3ebf3"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/fa4/css/font-awesome.min.css
81.177.141.11 200 OK 7.1 kB URL HTTP/2 linkler.ru/fa4/css/font-awesome.min.css
IP 81.177.141.11:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert quad9 Sinkholed
GET /fa4/css/font-awesome.min.css HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: text/css
content-length: 7053
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:16 GMT
etag: "1650642-7918-5ce8e7b883249"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/css/main_style.css
81.177.141.11 200 OK 1.7 kB URL HTTP/2 linkler.ru/css/main_style.css
IP 81.177.141.11:0
File type assembler source, Unicode text, UTF-8 text, with CRLF line terminators
Hash c42122b43a1f5caf5b448c1fbe9b4d76
485a7a154478abd5b5271134a0c644b53e433b2e
b3d9771a8e7d7255a12cc57185463fa17aecbe55007990ba066e3385d58661fd
Analyzer Verdict Alert quad9 Sinkholed
GET /css/main_style.css HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: text/css
content-length: 1658
server: Jino.ru/mod_pizza
last-modified: Thu, 21 Oct 2021 11:22:33 GMT
etag: "165063f-170d-5cedb1c723928"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/js/inputmask.js
81.177.141.11 200 OK 12 kB URL HTTP/2 linkler.ru/js/inputmask.js
IP 81.177.141.11:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (364), with CRLF line terminators
Hash 378c41dfd227344d8b320dda1c34d56c
46039ae5f1c6f339d785c750d48dfc087aaed10d
b659423aaa5a7fe2cc69705e0988c616e2c04a2568a4c3272e28e7060c432d38
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/inputmask.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
content-length: 12532
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:10 GMT
etag: "16505f7-11905-5ce8e7b2f18cc"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/js/formsender.v1.2.js
81.177.141.11 200 OK 1.7 kB URL HTTP/2 linkler.ru/js/formsender.v1.2.js
IP 81.177.141.11:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 766c1aa04a4178c8461c8f6aad532f4a
b45076683dc7367a624c8ebb512b5d0cbddc6347
0ad5351764c399715b79545690fb21d8647f55bf5dde25e164ba3d6fa4bd9723
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/formsender.v1.2.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
content-length: 1742
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:10 GMT
etag: "16505f6-1a43-5ce8e7b2db168"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/fancybox-master/dist/jquery.fancybox.min.js
81.177.141.11 200 OK 22 kB URL HTTP/2 linkler.ru/fancybox-master/dist/jquery.fancybox.min.js
IP 81.177.141.11:0
File type HTML document, ASCII text, with very long lines (31972)
Hash 54062b7f23dde09e4de95aee3a8fab5e
460a0f90c61c6adbf38d29d93b4207cca2ab10af
8852310f2bc8b3732157e24dee8b67b7d52b33ed2bad2380b84d57717ea9cbc4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fancybox-master/dist/jquery.fancybox.min.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
content-length: 22013
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:20 GMT
etag: "1650d29-10a9d-5ce8e7bc5285f"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/js/jquery.cookie.js
81.177.141.11 200 OK 1.4 kB URL HTTP/2 linkler.ru/js/jquery.cookie.js
IP 81.177.141.11:0
Hash 2c4d7966421c41d84d5bda0694861270
a73ef3347d87bd7cf1620fdebf9ce138180a2729
e09baf0194c04662f4e66fa103acdae0129dc30a925769d63a86f56c4aa3449b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.cookie.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
content-length: 1365
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:11 GMT
etag: "16505f9-c31-5ce8e7b354eb4"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/js/bootstrap.min.js
81.177.141.11 200 OK 16 kB URL HTTP/2 linkler.ru/js/bootstrap.min.js
IP 81.177.141.11:0
File type ASCII text, with very long lines (59810)
Hash c687d017bae29b7f0671a025bab8eeb1
93b7a84606685db8baac9c592631eb33e85ba6b9
f200460bc2b4ae660d1041895cd028a59556e918f6a1ba3c9e52919c768fda66
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
content-length: 15940
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:10 GMT
etag: "16505f4-eab9-5ce8e7b299a7d"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
linkler.ru/favicon/android-icon-192x192.png
81.177.141.11 200 OK 2.3 kB URL HTTP/2 linkler.ru/favicon/android-icon-192x192.png
IP 81.177.141.11:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 5f25c34a22e747144b2c09d634d6a8ab
c879b9b7b6ba05de553340d429719e23d40e474f
fe95318e0370e28c57c32a2993252a4261a61d0fc84d8eaa7aa8887e19fdcf24
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon/android-icon-192x192.png HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: image/png
content-length: 2335
server: Jino.ru/mod_pizza
last-modified: Mon, 18 Oct 2021 10:44:04 GMT
etag: "1650d72-91f-5ce9e393dc63d"
accept-ranges: bytes
X-Firefox-Spdy: h2
linkler.ru/favicon/favicon-16x16.png
81.177.141.11 200 OK 972 B URL HTTP/2 linkler.ru/favicon/favicon-16x16.png
IP 81.177.141.11:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 8efce338d41c2a47216ff34a0333d64b
e5c6a1b5523e624280f3cd4113d324aefcb0b02f
0d021f60f4d7e11d920dcc1dc9a48d715c35dc503d7949a6daaad52c1771fcbb
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon/favicon-16x16.png HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: image/png
content-length: 972
server: Jino.ru/mod_pizza
last-modified: Mon, 18 Oct 2021 10:44:04 GMT
etag: "1650d83-3cc-5ce9e39495f1b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226 200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 42f3abd172caa9d88d008b013d822339
356ae738a85439f6b7f9a0b5dbcf23e91d260bd0
30086fd809365a6af604a1bec9dd782654d81ad32e36d6a3d53d7704185c58fb
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:41:43 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Fri, 03 Feb 2023 10:16:59 GMT
ETag: "356ae738a85439f6b7f9a0b5dbcf23e91d260bd0"
Last-Modified: Mon, 30 Jan 2023 10:17:00 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2253
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791af8578f2db4ed-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 14:41:41 GMT
age: 2
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
93.158.134.119 200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Mon, 30 Jan 2023 14:41:43 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Mon, 30 Jan 2023 15:41:43 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7306
Expires: Mon, 30 Jan 2023 16:43:29 GMT
Date: Mon, 30 Jan 2023 14:41:43 GMT
Connection: keep-alive
mc.yandex.ru/metrika/advert.gif
93.158.134.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 30 Jan 2023 14:41:44 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Mon, 30 Jan 2023 15:41:44 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/85903947/1?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
93.158.134.119 200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/85903947/1?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash ce30653dfdcaecca14acc81428ba8515
cfa485eb4d2002a614e99eedb0e0eefa29d67a5a
fa858f166703b62838a6f9ab5889f7abf4e238a6d7531aa9b559d624c69b8971
GET /watch/85903947/1?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://linkler.ru
Referer: https://linkler.ru/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Mon, 30 Jan 2023 14:41:44 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://linkler.ru
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 14:41:44 GMT
last-modified: Mon, 30-Jan-2023 14:41:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.164.100.136 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.100.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rSSJvOUkxcu1CZE6AncMVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PboenHrvJw7J7ZtaXpbeBIhDDxs=
yajgev01.wp-tech01.gen.in/xconnect/
95.216.102.249 200 OK 761 B URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1339), with no line terminators
Hash ec7051360e8f4ab5c2b8c39d921ac6e6
85c3f935961e3de8a77023cf6d4633b85f8c4622
f6a39740244bac82c1c16d277cb443faff7a2df2a868f4646bcd045c0fb71796
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/ HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
yajgev01.wp-tech01.gen.in/xconnect/config/init.js
95.216.102.249 200 OK 365 B URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/config/init.js
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
Hash e155d6a54c19126b22249dc827840eec
9789885a48465986f9b5c8caebd05dbd5ff52131
b7ec88cdec75115399012fb022602fea3cd499323edf877836f93b50669366c8
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/config/init.js HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 05:06:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8b9-1f7"
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
104.17.24.14 200 OK 452 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/adblock-detect/1.0.5/index.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1061), with no line terminators
Hash c660dfc8d0f8ceda2de56842c100d23a
36e3ae4c06d0fa91ef0392c065cb97b83ffe5d64
8ccccd57855b34077443f3fe5ed6d212ef8f5e6029bbd1b18c827699b99eb336
GET /ajax/libs/adblock-detect/1.0.5/index.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://yajgev01.wp-tech01.gen.in
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:44 GMT
content-type: application/javascript; charset=utf-8
content-length: 452
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03cf5-425"
last-modified: Mon, 04 May 2020 16:04:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 17937773
expires: Sat, 20 Jan 2024 14:41:44 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yuO0H3A4tsM8DoSBKUam6vormJ5BVJUmkKNKbvOuWuQLUYPaCnTUSO1du6HVkXxfg4z9nUk9pB3I3kH2ViBBcVlEr5NQPFjWVUgVRwi74096WO2UDlg8wNYL7h%2BzqizqmJMPO0wq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 791af85dfc7cb4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
yajgev01.wp-tech01.gen.in/xconnect/js/app.f08ebc70.js
95.216.102.249 200 OK 3.0 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/js/app.f08ebc70.js
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (6576), with no line terminators
Hash fd9fc9207afa8d63932c42533042c819
1153ec640a65db8008a717f531e6797052990dba
364d4566f127e48c43b806819967bbc0d963002be90dc014066b9105d6e790d4
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/js/app.f08ebc70.js HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 05:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8c2-19b0"
Content-Encoding: gzip
yajgev01.wp-tech01.gen.in/xconnect/css/app.ccab8aee.css
95.216.102.249 200 OK 812 B URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/css/app.ccab8aee.css
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (2181), with no line terminators
Hash 8bfbfd59809a81c9ceb7c326bbcc074d
6c1b426e3424bcf8d88a381b269b30397b0ae9c7
10d5ec13dc86d96bd8fcbd19e3653f7812e38aa0a8cfe3110f328f85e915d1be
GET /xconnect/css/app.ccab8aee.css HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: text/css
Last-Modified: Wed, 25 Jan 2023 05:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8ba-885"
Content-Encoding: gzip
cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
151.101.1.229 200 OK 305 B URL HTTP/2 cdn.jsdelivr.net/npm/@adonisjs/framework@5.0.13/index.min.js
IP 151.101.1.229:0
Hash 36c8721a7ad91c2fa311684ada8dd767
d1d3d67d10fe2781c75faeb7fdf8ea1c0dd1543c
52b9e76467478ef29b0904f653393473ee55e64f48804014412541c877181196
GET /npm/@adonisjs/framework@5.0.13/index.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.13
x-jsd-version-type: version
etag: W/"1ae-myc90tb7oItlxVsc5EMaDyV2uOM"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 30 Jan 2023 14:41:44 GMT
age: 7802548
x-served-by: cache-fra-eddf8230100-FRA, cache-bma1676-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 305
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yajgev01.wp-tech01.gen.in/xconnect/css/vendor.677b4d5b.css
95.216.102.249 200 OK 96 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/css/vendor.677b4d5b.css
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 55bd80d75cd7e98a39afd9fd60d4f2c2
bec6b71379dd98dcd70f62df07b813a6b490935c
6f9a5e1d70870ef955e7f3a6438c5edd94d3a446a909d4d6d1891d433c969e2e
GET /xconnect/css/vendor.677b4d5b.css HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: text/css
Last-Modified: Wed, 25 Jan 2023 05:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8ba-755dc"
Content-Encoding: gzip
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash 7cea84118772d93afddd09873a0a69fd
da3e94a8244726e60879d6f24f51af77348d888c
4579d2ea942997fbdf9ec83439e8473700147fa33049a875d6f8234e71fc8f51
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "01917D3F70F7D05DBCC924682E7A9F82CF3D8151"
Expires: Tue, 31 Jan 2023 01:00:00 GMT
Last-Modified: Mon, 30 Jan 2023 13:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3110
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 791af85e387cb4ed-OSL
yajgev01.wp-tech01.gen.in/xconnect/js/vendor.d0887c5f.js
95.216.102.249 200 OK 171 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/js/vendor.d0887c5f.js
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (34560)
Size 171 kB (170652 bytes)
Hash 28db95f5476f1871226c108bc6dd7869
9c97c73631c6ccde1e9cf2f5b888fd39bd4f282d
82d885e36253e0ec72cecb0351ebf7439090bbcc53d6a79369ea8039c150fd20
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/js/vendor.d0887c5f.js HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:44 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 05:06:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8c3-70e65"
Content-Encoding: gzip
fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
142.250.74.74 200 OK 875 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400&display=swap
IP 142.250.74.74:0
Hash 73730a1df921779ffb0d08f8d3b94c77
9f7a275967582ae045437e85929caf458074ae72
42e7ec5e584edb3a04130869db90ef735c8a023e0a2b2e66d40acc606c2138d5
GET /css2?family=Poppins:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 30 Jan 2023 14:41:44 GMT
date: Mon, 30 Jan 2023 14:41:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0; data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://yajgev01.wp-tech01.gen.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 38175
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 9a666c89c82f4bdec0a63f2d316e356a
b0f0ec5d49ddfcdd5eb6de731e2cb391db6de2ea
5173a2bed30c16a113ad0d70c3ac264470878f82c515ac5c4b41c761280eb881
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=164960
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:44 GMT
Etag: "63d7b888-116"
Expires: Wed, 01 Feb 2023 12:31:04 GMT
Last-Modified: Mon, 30 Jan 2023 12:31:04 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 9a666c89c82f4bdec0a63f2d316e356a
b0f0ec5d49ddfcdd5eb6de731e2cb391db6de2ea
5173a2bed30c16a113ad0d70c3ac264470878f82c515ac5c4b41c761280eb881
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:44 GMT
Server: ECS (amb/6BAC)
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 9a666c89c82f4bdec0a63f2d316e356a
b0f0ec5d49ddfcdd5eb6de731e2cb391db6de2ea
5173a2bed30c16a113ad0d70c3ac264470878f82c515ac5c4b41c761280eb881
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=164960
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 14:41:45 GMT
Etag: "63d7b888-116"
Expires: Wed, 01 Feb 2023 12:31:05 GMT
Last-Modified: Mon, 30 Jan 2023 12:31:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
yajgev01.wp-tech01.gen.in/xconnect/js/2.1e1a6a8e.js
95.216.102.249 200 OK 1.4 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/js/2.1e1a6a8e.js
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (3692), with no line terminators
Hash ca8b166d504e1d249841b4d00d625ab3
f36110589d293af5a1f5bf1ba44a7fdeeccfe7b5
938be0dddaafd3b7997ef3a7d100733616b2b8600781d6548fdba4079005a6fc
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/js/2.1e1a6a8e.js HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 05:06:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8c2-e6f"
Content-Encoding: gzip
yajgev01.wp-tech01.gen.in/xconnect/js/4.0ec808a8.js
95.216.102.249 200 OK 9.0 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/js/4.0ec808a8.js
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (32728), with no line terminators
Hash 8edce874f5b0d3f82df2b5ac7aa33b06
a5626b8fa47b0bfe0862206e9cd52be61173e30a
601abea1a2330e086ed770aa16e867ad8b24e3b3b99ba0a3f0e3edbc5bad5eb4
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/js/4.0ec808a8.js HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: application/javascript
Last-Modified: Wed, 25 Jan 2023 05:06:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63d0b8c1-8049"
Content-Encoding: gzip
ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
188.114.97.1 101 Switching Protocols 0 B URL HTTP/1.1 ns.cdn-services.com/socket.io/?EIO=3&transport=websocket
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://yajgev01.wp-tech01.gen.in
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m7vJK8iTwPluAtCNl2B++g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Mon, 30 Jan 2023 14:41:45 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g0T0Z92leZq1YcFejvWv4NquxNg=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LhPcytzNbGQx3eQPCYb05S0Ur5%2FVTLpn8btEmBW1rGkjYA%2Bfz%2F5o3XNesIncZVU12%2Fs8WugD2oEFQukDTOCW9qysunDgdoZU5OB2Pt1hcdLKpJkHqMjJHnCF%2FK%2B1HszfQ2HTiKP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 791af860adfbb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
yajgev01.wp-tech01.gen.in/xconnect/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
95.216.102.249 200 OK 103 kB URL HTTP/1.1 yajgev01.wp-tech01.gen.in/xconnect/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2
IP 95.216.102.249:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format (Version 2), TrueType, length 102788, version 1.0; data
Size 103 kB (102788 bytes)
Hash df8803afe71155fa95130772bd0da593
bd7f2ac4af45ec77fe3f9f7310099e5b950af54e
9e0871a566b5aca8cac810404e207cb1eea58dbb04c5c97a7a860140edb9b5d0
Analyzer Verdict Alert fortinet Phishing
GET /xconnect/fonts/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.ae520e14.woff2 HTTP/1.1
Host: yajgev01.wp-tech01.gen.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/xconnect/css/vendor.677b4d5b.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: font/woff2
Content-Length: 102788
Last-Modified: Wed, 25 Jan 2023 05:06:04 GMT
Connection: keep-alive
ETag: "63d0b8bc-19184"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16151
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:41:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16151
Expires: Mon, 30 Jan 2023 19:10:56 GMT
Date: Mon, 30 Jan 2023 14:41:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 60138
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 65c02d8a1b0d6a210cb2a649c5c67469
027dbc7a104c922904f067ed15d696c363c11774
89d5443a1d313c632d09a583ef602aa4645a16986076387329f434262d15b0a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F72e6599c-6a41-4dd2-a346-b15fa84cb20a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10997
x-amzn-requestid: a6fac0ab-1acf-4808-8785-3b4ec5e32edf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj30FX7IAMFa5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e698-005109ec2e76529e793678d6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: skGKI_MWvDwpAbGibUcr8wTlimgoPU9ZYhEHltd3uhdJZ_GoNznVAA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:08:57 GMT
etag: "027dbc7a104c922904f067ed15d696c363c11774"
content-type: image/jpeg
age: 59568
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3EXFa0gb46AbdZ9ZznGiPTemGZ7zWh9WLs5Yr1zmfyh_jyKA6o7xoA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:19:57 GMT
age: 58908
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 60623
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PyA7JoIHpcBuMaoGjSH3XdUZ0PmHYITS4606WbOLHitdOmLbIPpxJQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 15:39:26 GMT
age: 82939
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5190c0bdc6abe0ee258e9f8c20ddaf51
d60f280f8a742480527dbc32d08f321f972d4fcf
874b38a04aa3736e65aaef72da2cc2efceb208618267107a495bdfe51ec58e58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F55e9b24d-3c7c-46d8-89b7-084483cc3d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12507
x-amzn-requestid: 85c9adcd-b997-48ca-bbfb-ccdeaf3e8cfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFaJoAMFqKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-2bcdd8c353d8429d2b1e95f6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XABaoZCqUulmnfZOXx6XTLSUMS5Mie6u0OfkqozmBzCf3Qjzf-fbRA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:54:32 GMT
age: 60433
etag: "d60f280f8a742480527dbc32d08f321f972d4fcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b5463aee1cbe362bd3107274cd68a92
466bd3eb02e1106403e0eb47e7f7c66225e4eea7
5dd96551decb3c580239219e13229be149ea5ea4aba93ef3ddb3fc1439027288
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 12:40:40 GMT
Expires: Sat, 04 Feb 2023 12:40:39 GMT
Etag: "466bd3eb02e1106403e0eb47e7f7c66225e4eea7"
Cache-Control: max-age=424133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791af862fb100b49-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b5463aee1cbe362bd3107274cd68a92
466bd3eb02e1106403e0eb47e7f7c66225e4eea7
5dd96551decb3c580239219e13229be149ea5ea4aba93ef3ddb3fc1439027288
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 12:40:40 GMT
Expires: Sat, 04 Feb 2023 12:40:39 GMT
Etag: "466bd3eb02e1106403e0eb47e7f7c66225e4eea7"
Cache-Control: max-age=424133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791af862fa010b69-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4b5463aee1cbe362bd3107274cd68a92
466bd3eb02e1106403e0eb47e7f7c66225e4eea7
5dd96551decb3c580239219e13229be149ea5ea4aba93ef3ddb3fc1439027288
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 30 Jan 2023 14:41:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 28 Jan 2023 12:40:40 GMT
Expires: Sat, 04 Feb 2023 12:40:39 GMT
Etag: "466bd3eb02e1106403e0eb47e7f7c66225e4eea7"
Cache-Control: max-age=424133,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 791af8609ab9b4e8-OSL
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
158.191.172.47200 OK 6.3 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 6aad7b35286876f8eaf5bc8ca659e1b5
ea44f6b518e680fb5188f18b8202111aae5034a3
4ecc8a8abebf54ec1c40d1461770ac546fe2397c97f0e696de3879c05d6189fc
GET /content/dam/assetsca/master/public/commun/images/autre/images/NPC-logo_Agir_chaque_jour_CA_H_Desktop-1.svg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 13:16:45 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 18 Jan 2023 13:16:45 GMT
Cache-Control: max-age=2592000
Expires: Fri, 17 Feb 2023 13:16:45 GMT
Content-Type: image/svg+xml
Age: 1041900
X-Cache: HIT
X-Cache-Hits: 325447
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6260
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
158.191.172.47200 OK 244 kB URL HTTP/1.1 www.credit-agricole.fr/content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg
IP 158.191.172.47:0
ASN #9159 Credit Agricole S.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=17, height=791, bps=218, PhotometricIntepretation=RGB, description=Diverse culture people using mobile smartphone outdoor - Happy friends having fun with technology trends - Youth, new generatio, manufacturer=SONY, model=ILCE-7M2, orientation=upper-left, width=1326], progressive, precision 8, 960x960, components 3\012- data
Size 244 kB (243919 bytes)
Hash b259c4797d838add41da1047021d2480
13de10f5a348efa8ff3d856f2e347eeff8a33579
c4966ab5e78e2270952b89576c4a0a386e8a7ea673c56f0f396d620abf4f81b8
GET /content/dam/assetsca/master/public/commun/images/zone-de-gauche/connect%C3%A9/acces_cr_part_carre.jpg HTTP/1.1
Host: www.credit-agricole.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yajgev01.wp-tech01.gen.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 18 Jan 2023 13:16:49 GMT
Server: Apache
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Last-Modified: Wed, 18 Jan 2023 13:16:12 GMT
Content-Length: 243919
Cache-Control: max-age=2592000
Expires: Fri, 17 Feb 2023 13:16:49 GMT
Content-Type: image/jpeg
Age: 1041933
X-Cache: HIT
X-Cache-Hits: 48240
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
linkler.ru/js/jquery-3.6.0.js
81.177.141.11200 OK 0 B URL HTTP/2 linkler.ru/js/jquery-3.6.0.js
IP 81.177.141.11:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery-3.6.0.js HTTP/1.1
Host: linkler.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://linkler.ru/yajgev01/wp-tech01/gen/irYG6ATrgUk3
Cookie: PHPSESSID=5bde0841eb6d13a754e84ddbce3bee82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:43 GMT
content-type: application/javascript
server: Jino.ru/mod_pizza
last-modified: Sun, 17 Oct 2021 15:57:11 GMT
etag: "16505f8-491c5-5ce8e7b33d7b0"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/85903947?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
93.158.134.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/85903947?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 93.158.134.119:0
GET /watch/85903947?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://linkler.ru
Connection: keep-alive
Referer: https://linkler.ru/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/85903947/1?wmode=7&page-url=https%3A%2F%2Flinkler.ru%2Fyajgev01%2Fwp-tech01%2Fgen%2FirYG6ATrgUk3&charset=utf-8&site-info=%7B%22ip%22%3A%2291.90.42.154%22%7D&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A714%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A356980276293%3Ahid%3A629854841%3Az%3A0%3Ai%3A20230130144156%3Aet%3A1675089716%3Ac%3A1%3Arn%3A706535445%3Arqn%3A1%3Au%3A1675089716136506591%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C133%2C30%2C1%2C-5%2C0%2C%2C487%2C5%2C%2C%2C%2C735%3Aco%3A0%3Ans%3A1675089715215%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1675089716%3At%3A&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 30 Jan 2023 14:41:44 GMT
access-control-allow-origin: https://linkler.ru
set-cookie: yabs-sid=1367136841675089704; Path=/; SameSite=None; Secure
i=D8hil4GP3W8opeKVmDyRY0QHZLXj12lVCNfoymj5lbdIBjaxZHNCGW8zzNU0wIdOsUKK/hmjtDWaSmvobPG31TMCOes=; Expires=Thu, 27-Jan-2033 14:41:43 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3903852831675089704; Expires=Tue, 30-Jan-2024 14:41:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3903852831675089704; Expires=Tue, 30-Jan-2024 14:41:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1706625704.yc.1675089704#1706625704.yrts.1675089704#1706625704.yrtsi.1675089704; Expires=Tue, 30-Jan-2024 14:41:44 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 30-Jan-2023 14:41:44 GMT
last-modified: Mon, 30-Jan-2023 14:41:44 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ns.cdn-services.com/ip
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET /ip HTTP/1.1
Host: ns.cdn-services.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://yajgev01.wp-tech01.gen.in/
Origin: http://yajgev01.wp-tech01.gen.in
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 30 Jan 2023 14:41:45 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
set-cookie: cook-session=eyJ1c2VySUQiOiI0NDg4NiJ9; path=/; secure; httponly
cook-session.sig=nMquec49p_jwU6t0zCDM89GLgQA; path=/; secure; httponly
etag: W/"13d-+cK0ZY/3WenpUKC4WEVV6OYEvTU"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wrCxFdLLuNvfBeM%2BWpK6eOUkUvTUjtnmJB7N05yVRD0GlrdR49yGfL73IIZdisrZOgf4Qh4RcMhpiL96TjEciHPVcOoAQ7Ch8shzkVZOs8nvJf1eXQ3Lm%2B%2FLMTs%2Fy2OknHRw4qj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791af8601fceb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2