firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 06:29:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EbJWFRcy-v3YoeC0k8TTVFvWdSX6f0C9n4wxoYEZ7ZRXapsLiXwKOg==
Age: 1151
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3334
Expires: Thu, 29 Sep 2022 07:44:20 GMT
Date: Thu, 29 Sep 2022 06:48:46 GMT
Connection: keep-alive
diksuci.in/UsDt.zip
63.250.38.12 301 Moved Permanently 707 B IP 63.250.38.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /UsDt.zip HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 29 Sep 2022 06:48:46 GMT
server: LiteSpeed
location: https://diksuci.in/UsDt.zip
x-turbo-charged-by: LiteSpeed
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5575
Expires: Thu, 29 Sep 2022 08:21:41 GMT
Date: Thu, 29 Sep 2022 06:48:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hC+mciHf76kDN1hz2OniIBT1n56f7R4JMEREFeBwdjubi2W0hy/bQ8Mcysrmt10QD5ZkgLnQzQk=
x-amz-request-id: PM5QYMCXHJK36BXV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 06:47:50 GMT
age: 56
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:48:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 06:29:33 GMT
Expires: Thu, 29 Sep 2022 06:37:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bEDHvU04Bw8dh7j2ujpGPLCcFPYNWyG01RML8AHPJKyMDkqheGWadQ==
Age: 1154
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 6a5b4dad6a8fd7c25b87204c396ca918
425c781319d8d8c38770be86c548d4eccfbf9ab4
df061675a16ca74feecf628c34a80d9069fda99ffc2838d464e8173961f20341
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:48:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 05:08:14 GMT
Expires: Wed, 05 Oct 2022 05:08:13 GMT
Etag: "425c781319d8d8c38770be86c548d4eccfbf9ab4"
Cache-Control: max-age=511765,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7522c66e7dd80afa-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:47 GMT
Last-Modified: Thu, 29 Sep 2022 06:28:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 04v8C3JsFaEgYqI68IFxqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB/nRDDlUGzgVxiBZRo0+IF3jtw=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iJqlMznUxlZhvkId6f8cJu8dbVThmd6iLiZxHTATX7TeHm_0vYplDA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:30 GMT
age: 12018
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:47:43 GMT
age: 3665
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 8888
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: ff9cdb43-e7f3-4fb3-a2c9-28059f7749e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtFlRoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-2b426b8e379fb9da122731e6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v_9XHswnO6iHo9-XgqSOIDYxa_RSEzQTDqJ5Uoi5pB9sJ3kl3H-XSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 23:45:29 GMT
age: 25399
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 42268
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 8888
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
diksuci.in/UsDt.zip
63.250.38.12 404 Not Found 14 kB IP 63.250.38.12:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Hash bced248b37772e2ae3f44709e7acee4c
4ca2dbea58845002b0ee596af010f76b7b0eb08b
9cd6b0bee0543d7d34390b4f33221c2ef64972845955ea71a5228463a4ee4f98
Analyzer Verdict Alert fortinet Phishing
GET /UsDt.zip HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://diksuci.in/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
content-length: 14506
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 06:48:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1
142.250.74.170 200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1
IP 142.250.74.170:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 07:45:56 GMT
expires: Thu, 28 Sep 2023 07:45:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 82973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5
142.250.74.10 200 OK 1.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5
IP 142.250.74.10:0
Hash fd4d5f1f54d1279fbf0c312d2c7e5c35
4984c0ec028cd1c450c88dc8d16fdeaf5ce8582d
73773f9b14a443d47610b3b017ca757cb1336dfa81071638a4ed7398572e0db8
GET /css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:48:49 GMT
date: Thu, 29 Sep 2022 06:48:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diksuci.in/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5
63.250.38.12 200 OK 2.6 kB URL HTTP/2 diksuci.in/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5
IP 63.250.38.12:0
File type ASCII text, with very long lines (402)
Hash cbfa034cc4ccb5726949e75740d548ce
a5617d8ad328782746ed5c9df2cb09fde435854e
a611ef68a8442db088615e6f113de35eabc992a6d3d5c8e5489466674f077708
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2609
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5
63.250.38.12 200 OK 387 B URL HTTP/2 diksuci.in/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5
IP 63.250.38.12:0
File type ASCII text, with CRLF line terminators
Hash 4b2d06f74eb3a6a35e2c1fad30cb4d1c
e759a0008e3fc6f7861a984564e23732b4960b71
9823f6387da9f8183e7f4bd3013093d8545338edadd3c781e30e3536d384de2c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 387
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.163 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 207630
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
63.250.38.12 200 OK 26 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
IP 63.250.38.12:0
File type Unicode text, UTF-8 text, with very long lines (1512)
Hash 450eb0228369ffc72316f932d2b69a5a
f0d8079fac95cca785832c1192a4e904d1a9ab42
68d7cbd396f3c5909423758d43333dd2f2d754a54b369d2151f972e81b9b5ddc
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26101
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
63.250.38.12 200 OK 10 kB URL HTTP/2 diksuci.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP 63.250.38.12:0
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash cf64bd69df964ad7baacebb5f165288e
3b43b33729294f0378142606559dac91d56919f8
f8d581c3f1abb40a8a24d79f47abe7b7b4ea24207160d0e260d06ca0cdebcb19
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9960
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
63.250.38.12 200 OK 557 B URL HTTP/2 diksuci.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
IP 63.250.38.12:0
Hash 22abae7a448d0f1ce2d2c9e1c2d4f08f
2591e602d87b77bf7cf543f133f15678c596148f
48510198ab1b793ab7fccda6568222ce27d6ad0abfbe69f38589d0c73161991a
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 557
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
63.250.38.12 200 OK 54 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
IP 63.250.38.12:0
Hash 3763ff780b48d68ea724950acc57e0ee
f05240f745d29eb9469e0047f673ec1f516a1d0c
6c8e222276e96134f5a0e516e0d6aeec09eb8271c22c68e999a17c9d92d6dcfd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53636
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8
63.250.38.12 200 OK 1.4 kB URL HTTP/2 diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8
IP 63.250.38.12:0
File type ASCII text, with very long lines (7000), with no line terminators
Hash fe8f85d3f830bd940a4889738923915e
64d2e90c61624e7f97780d1c87e7050b461e35f5
f03c6e40c3f9688009f70fc115c1136b1aef6a9162e8bf0886e325317a88a19c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1384
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1
63.250.38.12 200 OK 11 kB URL HTTP/2 diksuci.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1
IP 63.250.38.12:0
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash be4878615004b04d9b65776f78324fa5
d4206bfe0586746d1555aa2de20e58cc5f1fce8c
912184b81c58bd007618284df9aee4bc04a5e2a4f037ea09620770fac119f4ab
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11216
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
63.250.38.12 200 OK 12 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
IP 63.250.38.12:0
File type ASCII text, with very long lines (54622), with CRLF line terminators
Hash e01da17f0ce741529c7d2db23ca0b34c
ebdd20f264875932dc35d3f8e4c1b7d3558b92b6
405661a34f7c2ea5a898c46bdf5e57fd9be34b8ee378e47bd413ee7f8e4c4d41
GET /wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11561
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4
63.250.38.12 200 OK 12 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4
IP 63.250.38.12:0
File type ASCII text, with CRLF line terminators
Hash 7337edc7c32afa535cdf384213cdc536
4c84f18eff8fa068f56775c100598b5016da4f22
5028b4834a940714ddfa3dc5150d656cdbd6f91c716eb5a3b50b706c757cf0d9
GET /wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11464
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/animated-headline/css/style.css?ver=4.0
63.250.38.12 200 OK 2.6 kB URL HTTP/2 diksuci.in/wp-content/plugins/animated-headline/css/style.css?ver=4.0
IP 63.250.38.12:0
Hash 7918309c7a53171d4ff1a1670d3ce80a
5393acaa93015f02795b7a51162890b3b6127a0f
996d28030dd40dd0640a174533ebd88623b1269886a88f9a549267bb19adc1ee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/animated-headline/css/style.css?ver=4.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2555
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
63.250.38.12 200 OK 31 kB URL HTTP/2 diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 63.250.38.12:0
File type ASCII text, with very long lines (65447)
Hash c2606f5e24691c4290619a4b19373d8f
922629d2120b88704c134eca3e9b9a8f2744586a
dd31d2d0e41db4143258210d332762e0b8d91c4d126b2939eeb727f36c0926f8
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31425
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
63.250.38.12 200 OK 5.1 kB URL HTTP/2 diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 63.250.38.12:0
File type ASCII text, with very long lines (11126)
Hash 78acb1c805c40091d2cec1f705645ecc
d23218f4c89a46af8c62c9b5e04fd9c615e9760c
eb63ca867bd2ec22fc80c9474338903fc992a271d5bacf13d7953bd1d88c4865
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5135
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6
63.250.38.12 200 OK 6.7 kB URL HTTP/2 diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6
IP 63.250.38.12:0
File type HTML document, ASCII text, with very long lines (23975), with CRLF line terminators
Hash d14f2e96b9f8d5a6aa31eff7d902118b
6dbf3ef2f309171abe7a38badcdfe78074eb9965
254f881e75555b23e471a74c833aad12e0021d304d88c55832979698dcb6b4ff
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6723
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
63.250.38.12 200 OK 2.4 kB URL HTTP/2 diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
IP 63.250.38.12:0
File type HTML document, ASCII text, with very long lines (2281)
Hash 47636b4f6e26d0965b62191f301c7746
cb8c17ab29cb5ed393bb807cdcfdd0d9e8012cc2
86f2e1cede3030dd6956206b0aeb1ab03587f6ca3c022fee4d091ba1292dd658
GET /wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2388
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
63.250.38.12 200 OK 3.7 kB URL HTTP/2 diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
IP 63.250.38.12:0
File type ASCII text, with very long lines (2493)
Hash c55c26689e34922f764cca71d72ccb55
98403a63984d1edd4738b08acf8072b63c08c2d8
d87a7b318251e1de8da28c61854cd9505d30f15744275df53c238a8110319e1a
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Sat, 07 Mar 2020 10:59:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3699
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0
63.250.38.12 200 OK 6.2 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0
IP 63.250.38.12:0
File type ASCII text, with very long lines (2305)
Hash d23b9b3780dd0c9ed63a143a2f4b4ca3
aa0e4070f6bbc43bea6a24596993f59de07d3e0d
2e9176a5b3768fe1ab819cbdcb22169a2a77f23fcd3375e212807bea7cdf32c1
GET /wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6201
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
63.250.38.12 200 OK 4.9 kB URL HTTP/2 diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
IP 63.250.38.12:0
File type ASCII text, with very long lines (2281)
Hash 5fc4ec6fc1e2c66f148f089537738f5b
edac825ca86a2c3104f990ab1c2718192b230f68
145ef03bab838e598ad8bf79a4f30f70a156e8f30350b9fa4a6b826c83dd5b9b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4936
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8
63.250.38.12 200 OK 5.1 kB URL HTTP/2 diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8
IP 63.250.38.12:0
File type ASCII text, with very long lines (13412), with CRLF line terminators
Hash b3bc7cb8886d36449b9ae290f35b6176
d51d9418f6e2b8ce93f27ec4397442bf9e0ccede
d6722158b4ac8d856e4c5fd987ec1d4fb809171254c69cec4210e69f51177e7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5086
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1
63.250.38.12 200 OK 9.4 kB URL HTTP/2 diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1
IP 63.250.38.12:0
File type Unicode text, UTF-8 text, with very long lines (30272), with no line terminators
Hash fcb826db1309ce221297f39da86ce1dc
83a14dfcab597c33b5c609976693c89cae08eadd
d976444820fa738e44472bd298b6db5112325483ac5b86448526b5abb30d5c94
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 16:14:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9426
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6
63.250.38.12 200 OK 6.4 kB URL HTTP/2 diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6
IP 63.250.38.12:0
File type ASCII text, with very long lines (20441)
Hash 81dd3028da9fd5819efa5ac9529220f3
a22aa784aec5153d693f1877b11b87b8cdf0d586
5e38788f98f07f1b07bef0e1fcae5a0f9fe6d7fcfd76530184b8fa00b45c8663
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6350
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
63.250.38.12 200 OK 2.4 kB URL HTTP/2 diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
IP 63.250.38.12:0
File type ASCII text, with very long lines (6641), with no line terminators
Hash 0c5151ea09d7e24a53173d929b02def3
22cf8650910afc888c65dd030705c2a0e5eb9d6c
4ec9e621c4892fbc4f4f13bf582d8adeedb39c55a7100e2e770f53454c3e603f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2408
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4
63.250.38.12 200 OK 1.8 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4
IP 63.250.38.12:0
File type ASCII text, with very long lines (3548), with CRLF line terminators
Hash 4101995a38f08d4de618e7dc9910665e
fb9e7f6d7ace366ab214cb9d079a29526d560d46
20bf2497a0dbf231869d4c01acdb550aafedaefb42a72782a74db167da369f18
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1832
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4
63.250.38.12 200 OK 4.1 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4
IP 63.250.38.12:0
File type ASCII text, with very long lines (2294), with CRLF line terminators
Hash 571480df9fbfe206fd9e9f5f4ec804b5
83383af98e65e080d5ddee5f66d60cd4100db9ed
3c2a50f24e02aa1b5bfd2c493c646b9090e5f823049a08b8420b01be7a9b5790
GET /wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4143
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0
63.250.38.12 200 OK 2.6 kB URL HTTP/2 diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0
IP 63.250.38.12:0
File type ASCII text, with very long lines (2284)
Hash b883e153b31337363daa28495594ed15
e65a83866f924bb80827f1f9c96cc0ef4040c644
30f1deb074e09503e4d844bb9c3762d3434550e738dda38037af7fef4cbc270d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/animated-headline/js/main.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2601
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5
63.250.38.12 200 OK 1.8 kB URL HTTP/2 diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP 63.250.38.12:0
File type ASCII text, with very long lines (3672)
Hash 03adb8f8f25e1e1a8e797042dd02adde
4f0de244aaffa97d9534c2cef33c80e82d38cd31
f03eb768eec6e68e435b15426a8e7444805fcc02bd17af775b94fe8f7800b25b
GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1773
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
63.250.38.12 200 OK 5.7 kB URL HTTP/2 diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
IP 63.250.38.12:0
File type ASCII text, with very long lines (15224)
Hash 5661dfbe4dde987a3c6756930978e94c
c7b3d82153d9398944c01555c0f1a09345aca96d
541e0edb98e5b8f3d1a951c4d98ee84e6c95ae404af8b3cf5632bcd40094ff73
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5668
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/uploads/2020/03/logo200x200.png
63.250.38.12 200 OK 17 kB URL HTTP/2 diksuci.in/wp-content/uploads/2020/03/logo200x200.png
IP 63.250.38.12:0
File type PNG image data, 200 x 145, 8-bit/color RGBA, non-interlaced\012- data
Hash 9287066be794d5ec75c7f1a690313b75
1c583abc3307eadbdbe1fa85bf063929e4db5d45
7396312e33f8bf8520ca852a25567618d4ade3563e98f56c8edc87c5bdf32308
GET /wp-content/uploads/2020/03/logo200x200.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: image/png
last-modified: Sun, 01 Mar 2020 08:53:34 GMT
accept-ranges: bytes
content-length: 16780
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
63.250.38.12 200 OK 50 kB URL HTTP/2 diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP 63.250.38.12:0
File type ASCII text, with very long lines (32005), with CRLF line terminators
Hash 788bc5f34834eb37a84228631d4dddb9
6b9caf7acdaf504a2fa5d46e2d07cb7809c80693
3dbecde4cd293eb99d6fefee3f1305e41668a6cf63d2db63103dca03a8f80eb2
GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50302
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1
63.250.38.12 200 OK 66 kB URL HTTP/2 diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1
IP 63.250.38.12:0
File type ASCII text, with very long lines (64288)
Hash 5ef002d125f640b1691d2ff7413df084
2cf9cd9dc41e325d21d5e332ec5742e8261f2f40
36f97d8dc4c96c42ff4914fb896753818287e924ea6a644ba2260538cb3c4a41
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65915
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
142.250.74.163 200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 40602
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:00 GMT
expires: Thu, 28 Sep 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 40671
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.163 200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 40672
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0
63.250.38.12 200 OK 109 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0
IP 63.250.38.12:0
Size 109 kB (109186 bytes)
Hash 99348789f306029ca874755675f0b878
894f7058d241016b86d0d06363c94870d6dd28ae
64a60038f67e6a9e42321b429bb196d7da5e819f2c5a9868fa2d275d39bd6cf0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 109186
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/img/search.svg
63.250.38.12 200 OK 813 B URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/img/search.svg
IP 63.250.38.12:0
File type SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (1308), with CRLF line terminators
Hash e9eaca5b5876642c077bef88c3836fec
155ccff26c758aa71de6c1f9ee9fcb67569cdad9
28c1c3ffce7943b768291938765d3f76efcc44ea6ed1f33cd3f8acb0ab47defa
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/img/search.svg HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 813
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/img/search-w.svg
63.250.38.12 200 OK 847 B URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/img/search-w.svg
IP 63.250.38.12:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1164)
Hash e3e15d4685bef3e3c0e481a84c4cb880
cb33f9ef93e3a8d870d0279fbe448d3b4461f72f
ed7af5c692f73eb006c2152de2eaa304c761d6bc5fd83fd48a663877c0f0ba55
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/img/search-w.svg HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 847
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
63.250.38.12 200 OK 77 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 63.250.38.12:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
secure.gravatar.com/avatar/?s=80&d=mm&r=g
192.0.73.2 200 OK 1.3 kB URL HTTP/2 secure.gravatar.com/avatar/?s=80&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 80x80, components 3\012- data
Hash 1127a8ec43092614d584219c5bc7f114
d2632fef16f0a845bb730f4f33605af59a9baefe
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
GET /avatar/?s=80&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:48:52 GMT
content-type: image/jpeg
content-length: 1323
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <http://www.gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="none.png"
expires: Thu, 29 Sep 2022 06:53:52 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 463
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2
63.250.38.12 200 OK 14 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2
IP 63.250.38.12:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 329.-17695\012- data
Hash 7980a6361c25b4665dbbe92d4488783c
22516802ef9ac878298519c18ffab11769ee6cd7
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 13584
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611
64.233.165.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611
IP 64.233.165.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://diksuci.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 06:48:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
diksuci.in/wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0
63.250.38.12 200 OK 188 kB URL HTTP/2 diksuci.in/wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0
IP 63.250.38.12:0
File type TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size 188 kB (188508 bytes)
Hash 24712f6c47821394fba7942fbb52c3b2
1b0a0de084905946a20300ca8c354865dec46764
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/ttf
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-length: 188508
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2
63.250.38.12 200 OK 75 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2
IP 63.250.38.12:0
File type Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695\012- data
Hash 9f4ce3dc689981a1b87faab0f5484f9e
1b33b1246610585c440e464b04df64cf0cea1dca
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 74656
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2
63.250.38.12 200 OK 74 kB URL HTTP/2 diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2
IP 63.250.38.12:0
File type Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data
Hash 64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 74328
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png
63.250.38.12 200 OK 16 kB URL HTTP/2 diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png
IP 63.250.38.12:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 61695850fcb751f9a08e99824382c619
36bd5811eaa6f6832f70bb1afc1c2b8b42f7cc05
dedb6488f1a87e8bc5d98df3313f7ca546f0efa2e410ddd667b87ecb555111e9
GET /wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Cookie: mo_page_views_counter=1; mo_is_new=true; mo_has_visited=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:52 GMT
content-type: image/png
last-modified: Sun, 15 Mar 2020 12:42:08 GMT
accept-ranges: bytes
content-length: 15492
date: Thu, 29 Sep 2022 06:48:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png
63.250.38.12 200 OK 1.3 kB URL HTTP/2 diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png
IP 63.250.38.12:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 112fc0bb279fdc21e66c4e3b91d443cd
797bf682d696f34fa6abb75c474b151277a0b19c
83b953b201c4e376b6ec1edbd06fefd5f08c83a7b9ff887e9eb21119fe927d83
GET /wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Cookie: mo_page_views_counter=1; mo_is_new=true; mo_has_visited=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:52 GMT
content-type: image/png
last-modified: Sun, 15 Mar 2020 12:42:08 GMT
accept-ranges: bytes
content-length: 1254
date: Thu, 29 Sep 2022 06:48:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5
IP 142.250.74.10:0
GET /css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:48:49 GMT
date: Thu, 29 Sep 2022 06:48:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2