Report - diksuci.in/UsDt.zip

Report Overview

Submitted URL
diksuci.in/UsDt.zip
IP
63.250.38.12
ASN
#22612 NAMECHEAP-NET
Submitted
2022-09-29 06:48:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	580 B	702 B	64.233.165.155
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	6.5 kB	142.250.74.170
secure.gravatar.com	1671	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	1.8 kB	192.0.73.2
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	20 kB	142.250.74.174
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	54 kB	34.120.237.76
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
diksuci.in	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	18 kB	950 kB	63.250.38.12
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.217.237.91
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	3.3 kB	142.250.74.10
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	61 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	diksuci.in/UsDt.zip	Phishing
2022-09-29	medium	diksuci.in/UsDt.zip	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/animated-headline/css/style.css?ver=4.0	Phishing
2022-09-29	medium	diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-09-29	medium	diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0	Phishing
2022-09-29	medium	diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/img/search.svg	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/img/search-w.svg	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2	Phishing
2022-09-29	medium	diksuci.in/wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2	Phishing
2022-09-29	medium	diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	14 kB	2023-03-07	2024-02-12
Pretty URL diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2024-02-12 21:37:35 Times Seen12 Hash 696abf6f00deeee2bdc601c3f8c548cc f61f8e0002831d1ce518c5fa0fdf7847a8740a59 93fc6d3699b4fa210fa8d169e212b2ce5877d62a665db5d0c0aae7b1509a55b8 Loading...

	diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6	24 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 7037ecf4a46219a5521cb8b6d281473f 255d80f6ff0e770c70577540e28717a25677f8c6 3e8d541e71590ade69821005b1ba5dd12926407f6d466ce783ae07bd21d74da2 Loading...

	diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6	9.2 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 7969ddfa53bffe58971596e3da8a1f82 1ed8b80e978e18f586b0e6b8d5a37397c452e5a9 6a1b252398e0f675cb59a3c02ca262cde48fab634a288fa2275709d6981b8536 Loading...

	diksuci.in/UsDt.zip	1.0 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash e06adf1a8f45b82ea4d2ca5d18234b4d d1837a2fce50df109982c29189216bcdbbf22f9a 2a2e503e47855d8407788cc7c9ef03eb3e5478c019d17ce95777afb04e210fa9 Loading...

	diksuci.in/UsDt.zip	1.5 kB	2023-03-07	2024-04-25
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:03 Last Seen2024-04-25 18:36:10 Times Seen816 Hash 277de2c9c1d98efc6863c652f37902af 424e4284bf6a3003eddaa440ba9c4952a554a839 95e11bad493e4243bc2c826d979414127bf865c760b9c82e3f41525afcaee744 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	diksuci.in/UsDt.zip	2.1 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 03:22:34 Times Seen1 Hash 06e6c750f1c209eef419721928998865 af0721c9f4787c850df33631eb3ae3a9cfcc8503 e27d8212586a474092b7c02ee970ca76e3d08d609983d6bf4ea947d9aaf71ec0 Loading...

	diksuci.in/UsDt.zip	557 B	2023-03-07	2024-04-22
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:38 Last Seen2024-04-22 21:54:37 Times Seen601 Hash 345ac6a1cea385048b7cc9c86c658d3e 1f27edaba8686d677c1765b5fa51938fe58af548 9eba87f28884a476dc60170927f8c4946014ba6dd691004556b7b35963e66b35 Loading...

	diksuci.in/UsDt.zip	333 B	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash d4f4ebf740c4323cd63ce8da07679321 341423852f1a8971cd5b52a711fd4dec11ee7e1c 80b09841f04925d7d0e714d015c214c62936415ec0434c0b7f78fadaa615d21c Loading...

	diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0	7.9 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash d45a18845eb60c8ee1b180c92666b04c 4788f543515738d0b0a3eee788acec6b278887ec 6f8178cb8f0ee2296c96995c904e411c13cb67a7506415dbc0374a338ddea309 Loading...

	diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5	20 kB	2023-03-07	2023-04-13
Pretty URL diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:27 Last Seen2023-04-13 21:31:40 Times Seen6 Hash 6ba783439011d635cb8894beb953eb32 693ef521b41e94af92e5f5b95b24df9bbf91205b c6951ad06035eabc84df44d50016d5c9463fa5cf5e13cb596bd8ff69fe5c2eb0 Loading...

	diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4	17 kB	2023-03-07	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12:27 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 8aec83d1ea5de5189b43ec5c38570b3c b2edffd65538c0dc683206e37859113355a7a480 bd96d6aa59c96d3a6c3c5395b94b72eb9a93aa122f0b373c922a439ede85d4c2 Loading...

	diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8	14 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 9daa5b5837b7e81d6019ccb4959eb3cd d10d08b3354fbc1bdc3845e88a66f8a668018cb5 c39cd81589f0375c65c94373d2658d262f59ef26c3011bfaad03909957d90d87 Loading...

	diksuci.in/UsDt.zip	150 B	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash e861603ca55dd42444ee2b2264566153 df812cb2acc21357b1550efbc6842dd0d3600521 1dc0d19d0734afb744c1c13a5198e27cd81bd55bc2f6358b16761ee912677fa1 Loading...

	diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4	3.7 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash b26674a41254c6a187ce85049102e1ed 10fba30a666ca75fe63b4d25058188b63ee06c2c 08f14a244418af303fb21c5b775714196607182d58d02c9ac0459d1f41b969fb Loading...

	diksuci.in/UsDt.zip	138 B	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 03:22:34 Times Seen1 Hash a413b33208e58281f1152785f05a3af9 a4593132b4f78f448ea92ee87c8b6e9228e4ba1b 4e0d775dc664ddd7f5c0e60fecef291527772a9134ac70a095afae41544f1afa Loading...

	diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6	20 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash bdf4803507cd6ddc6da25df1231d9c1c 139085dbc5266e40d287258a45cce830b4342a37 1729fe535e88faa2a1dad4c97a1fda28d1cb5adf41a78c700a51a214abf010c5 Loading...

	diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9	6.6 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 42b7ef16e8f163042638fa4ae5bd421c b4bc83d0e88f0674cc846024e05459f1db1204c4 63c8ae13a3a724ea44665682ab62b6f0c90cfcc3666e7e60be20843fbc1c470a Loading...

	diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0	153 kB	2023-03-07	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:15:42 Last Seen2023-03-08 08:34:26 Times Seen1 Hash d778121bd718777588ba3868ab9c8b9e bed19f6b62d22c1dd9561672322edcc4329697c8 ffd22b2a0afd3247daee3a2bde4aeb0eb70cafbd8ace8777e7975bd2196b27ad Loading...

	diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1	270 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 03:22:34 Times Seen1 Hash 49caa4cf92eb5ba7a60ed1a08aa4286d 1be7559f6ae1e49adf6c5fa1450f8060e9b13936 8c8688e620cfd7b68f8a4162c54bd8f9a2184d6bc9612a17ef8db87c936ef4d1 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1	13 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1 IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-26 00:12:34 Times Seen22419 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	92 kB	2023-03-07	2024-02-12
Pretty URL diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2024-02-12 21:37:35 Times Seen12 Hash 81e65728dafe873901505ff4137abb23 9f6d5806f4e5a48c7801e160de170873206144da 099ebf47f5ffb18fe9a1985a45d9b6e5137c978cebd2151747880e9c1ae08c32 Loading...

	diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4	12 kB	2023-03-08	2023-03-11
Pretty URL diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-11 21:31:17 Times Seen1 Hash 49a63dd21011f7f2c8bc20d283f22339 dc54a1f6a2b259c6a121eadb56e3f0f9fc9a7c7d 77fffd34aee515dcf29605e8236e38db345d2ec991177771419ffc88e3dc12b0 Loading...

	diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0	23 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 134a2aff3bea5a3887271e1a77d4b8eb d92ba9ddea7167093daac072fa67e669e728ffb9 1826f7a3bc1bd9675c62ae855bd3ae47012d99f46786d392acac237cddad5da7 Loading...

	diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1	30 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 62c5fbd7bd52d001f64f1b67f3cca742 bd4c06a5d6acfcde5a771d9ef574a08c032b85a2 699c147ea397f4f30edca2dc16bc035338a8aa469c36c6d69cd8110219721aed Loading...

	diksuci.in/UsDt.zip	298 B	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 03:22:34 Times Seen1 Hash 2fc3501fa9b8f9042ea80d296b2ac5c9 000410366214191f28adce029e0742a1dc1d576a ac4e0a39f7288a53703996bb36ec69329bd7b624eef3a28657f2bfb57c989816 Loading...

	diksuci.in/UsDt.zip	1.2 kB	2023-03-07	2023-09-26
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:57 Last Seen2023-09-26 18:42:17 Times Seen6 Hash c1922fb7f94c08a5706dc97447c2715e 90862ab179d03433337680954edefd4796e088b4 7e27be288da686e1f787d0ac3ff076c9979857d18b8a9cabe2c3291540889e89 Loading...

	diksuci.in/UsDt.zip	2.3 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 84f2c0ef8b3904aacf7fead085958f81 481b26458c886705aac0b168920a054616cd7bd3 9fae11baac31e776223023306b4d2ace6545c5b5941baf65a481f871197c6856 Loading...

	diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5	3.7 kB	2023-03-07	2023-03-12
Pretty URL diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:56:50 Last Seen2023-03-12 17:15:54 Times Seen1 Hash 0fee1c9c0d5c2eb2bfe464ab05b0ecf6 a39db6e41b28a70288e8dafe344066b029874975 08f821585355a5b19ab99dec05bda9627e1193c886f6f1a0a32bb59be5444198 Loading...

	diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4	20 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash 208c04194a4553b81733563205b419f1 c37f611ad7dc0ac7ef3d9357a389e80a13b26d64 ca5e2be4e87d24f46c429a635299802a12127042d27e883af13fa98236bf7b01 Loading...

	diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0	533 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0 IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash bf6fbf5edadc6884359b95810f4e2d11 02c7afd7ef59d83ed6f8efd501a961f38771c3e4 d589eab899c0d067ab73908b09ab22a6819a595c45a7a50e5621790f01791a1c Loading...

	diksuci.in/UsDt.zip	1.3 kB	2023-03-08	2023-03-08
Pretty URL diksuci.in/UsDt.zip IP 63.250.38.12 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:22:34 Last Seen2023-03-08 08:34:26 Times Seen1 Hash d9af3a2e26933322d45aea7d318276b5 0700f6e47ded4bef5a0e7c6da3f60cda93a4e9e6 d762c5803a98dd517326faa3031baa931d633919491a4f46c8ed4ef09afdf449 Loading...

HTTP Transactions (81)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 06:29:35 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EbJWFRcy-v3YoeC0k8TTVFvWdSX6f0C9n4wxoYEZ7ZRXapsLiXwKOg==
Age: 1151

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3334
Expires: Thu, 29 Sep 2022 07:44:20 GMT
Date: Thu, 29 Sep 2022 06:48:46 GMT
Connection: keep-alive

diksuci.in/UsDt.zip

63.250.38.12

301 Moved Permanently

707 B

URL HTTP/1.1
diksuci.in/UsDt.zip
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /UsDt.zip HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Thu, 29 Sep 2022 06:48:46 GMT
server: LiteSpeed
location: https://diksuci.in/UsDt.zip
x-turbo-charged-by: LiteSpeed

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4a22d2eb50abe339ba0b974642de3650
af15bc424a715a3b8d77e4948a9e152a3ba87ede
dff04734315b51fc11069e2d21b5be37b03d28ad01986e1ae2c96afc6ba31859

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFF04734315B51FC11069E2D21B5BE37B03D28AD01986E1AE2C96AFC6BA31859"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5575
Expires: Thu, 29 Sep 2022 08:21:41 GMT
Date: Thu, 29 Sep 2022 06:48:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: hC+mciHf76kDN1hz2OniIBT1n56f7R4JMEREFeBwdjubi2W0hy/bQ8Mcysrmt10QD5ZkgLnQzQk=
x-amz-request-id: PM5QYMCXHJK36BXV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 29 Sep 2022 06:47:50 GMT
age: 56
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:48:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 06:29:33 GMT
Expires: Thu, 29 Sep 2022 06:37:40 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bEDHvU04Bw8dh7j2ujpGPLCcFPYNWyG01RML8AHPJKyMDkqheGWadQ==
Age: 1154

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6a5b4dad6a8fd7c25b87204c396ca918
425c781319d8d8c38770be86c548d4eccfbf9ab4
df061675a16ca74feecf628c34a80d9069fda99ffc2838d464e8173961f20341

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 29 Sep 2022 06:48:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 05:08:14 GMT
Expires: Wed, 05 Oct 2022 05:08:13 GMT
Etag: "425c781319d8d8c38770be86c548d4eccfbf9ab4"
Cache-Control: max-age=511765,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7522c66e7dd80afa-OSL

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1203
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:47 GMT
Last-Modified: Thu, 29 Sep 2022 06:28:44 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.217.237.91

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.217.237.91:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 04v8C3JsFaEgYqI68IFxqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UB/nRDDlUGzgVxiBZRo0+IF3jtw=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7595
Expires: Thu, 29 Sep 2022 08:55:23 GMT
Date: Thu, 29 Sep 2022 06:48:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6390 bytes)
Hash
14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iJqlMznUxlZhvkId6f8cJu8dbVThmd6iLiZxHTATX7TeHm_0vYplDA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:30 GMT
age: 12018
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6795 bytes)
Hash
9f94853ffae41ec3c0e002bc152da1c4
7057c6707c7299ac386c6b2164240eff241db294
818f3ff90d7b7923b4af4e423dbb01388795490ac2097e1d58d70608b95618f4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6d393f81-26d4-4afa-b6ba-940a54002d7f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6795
x-amzn-requestid: 20067932-e2e5-410a-8c7a-a5f623f33454
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDCs6FbooAMFyHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633117ec-65749cd04e48e49a46b4c215;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 03:09:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: o1q8r6PSQDQyLs4xfhCSXu4q8fFi3zIoAIMlwNznvOsEtORfuVumCA==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 05:47:43 GMT
age: 3665
etag: "7057c6707c7299ac386c6b2164240eff241db294"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (9034 bytes)
Hash
2054ae778a3079d8233ee33045127df6
927d5a375d9607b23caadae148566fdff10147b1
6b33c83c2b78b413ae375966860e1a9c8aa8e28dee107f9dd5bb8ceb221e607a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e97b5ce-1b94-4a15-a121-825f38a9d7d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9034
x-amzn-requestid: 20199dff-cd75-4f47-9395-9fdab045638c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtHROoAMFQ6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-6a77e2d438ae887e4cd54ec6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: z92zeMKTSVmpz2TYok8XpBUxuY4ZzN3Z_w32gQgjX1QGb26YDxnfdQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 8888
etag: "927d5a375d9607b23caadae148566fdff10147b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7810 bytes)
Hash
456968f691ae9464d69a37bffe9bd7ce
31b8538deb0f00d5b4182739a4a2fcc1b956a998
5cde1e3158e6c6c0b7a01d3bd32f2aa292b3b205f604e5c4ed71cafedad06bf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2016911-a1a6-4bdf-a8f3-89e94a0aaff7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7810
x-amzn-requestid: ff9cdb43-e7f3-4fb3-a2c9-28059f7749e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYtFlRoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-2b426b8e379fb9da122731e6;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: v_9XHswnO6iHo9-XgqSOIDYxa_RSEzQTDqJ5Uoi5pB9sJ3kl3H-XSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 23:45:29 GMT
age: 25399
etag: "31b8538deb0f00d5b4182739a4a2fcc1b956a998"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7859 bytes)
Hash
c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LwYd0qn4P-zh1W4GvU8vNEo3_TZHEqtErAj3UKx7a82LIDaBsiXE-w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 19:04:20 GMT
age: 42268
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7961f184-9476-43de-bf35-8ccb50ee1760
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVYsHA6oAMFvRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326904-05f567f7606462ac44f89987;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XaB4TwXv4xy0Sy3dncNYZWEPEnHY5BkEHR7fZDK59APYkzH9DPdT7A==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 04:20:40 GMT
age: 8888
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

diksuci.in/UsDt.zip

63.250.38.12

404 Not Found

14 kB

URL HTTP/2
diksuci.in/UsDt.zip
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1820), with CRLF, LF line terminators
Size
14 kB (14506 bytes)
Hash
bced248b37772e2ae3f44709e7acee4c
4ca2dbea58845002b0ee596af010f76b7b0eb08b
9cd6b0bee0543d7d34390b4f33221c2ef64972845955ea71a5228463a4ee4f98

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /UsDt.zip HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
x-powered-by: PHP/7.4.30
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://diksuci.in/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: miss
content-length: 14506
content-encoding: br
vary: Accept-Encoding
date: Thu, 29 Sep 2022 06:48:48 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1

142.250.74.170

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1
IP
142.250.74.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js?ver=1.2.19.1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 07:45:56 GMT
expires: Thu, 28 Sep 2023 07:45:56 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 82973
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5

142.250.74.10

200 OK

1.8 kB

URL HTTP/2
fonts.googleapis.com/css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.8 kB (1836 bytes)
Hash
fd4d5f1f54d1279fbf0c312d2c7e5c35
4984c0ec028cd1c450c88dc8d16fdeaf5ce8582d
73773f9b14a443d47610b3b017ca757cb1336dfa81071638a4ed7398572e0db8

HTTP Headers

GET /css?family=Rubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CAldrich%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&subset=latin-ext%2Chebrew%2Clatin%2Ccyrillic%2Cdevanagari&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:48:49 GMT
date: Thu, 29 Sep 2022 06:48:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3e9d3eab1fba386c4fdf3af9a757cfa9
b50127a1072c95ed71110b07dd58eab72747e6f8
869e09d135cff97a1073e32fa1808d0068195421369d138ad6bba86cfef18091

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diksuci.in/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5

63.250.38.12

200 OK

2.6 kB

URL HTTP/2
diksuci.in/wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (402)
Size
2.6 kB (2609 bytes)
Hash
cbfa034cc4ccb5726949e75740d548ce
a5617d8ad328782746ed5c9df2cb09fde435854e
a611ef68a8442db088615e6f113de35eabc992a6d3d5c8e5489466674f077708

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-video-lightbox/css/prettyPhoto.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2609
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5

63.250.38.12

200 OK

387 B

URL HTTP/2
diksuci.in/wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
387 B (387 bytes)
Hash
4b2d06f74eb3a6a35e2c1fad30cb4d1c
e759a0008e3fc6f7861a984564e23732b4960b71
9823f6387da9f8183e7f4bd3013093d8545338edadd3c781e30e3536d384de2c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-video-lightbox/wp-video-lightbox.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 387
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2

142.250.74.163

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Size
34 kB (33580 bytes)
Hash
848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9

HTTP Headers

GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:08:19 GMT
expires: Tue, 26 Sep 2023 21:08:19 GMT
cache-control: public, max-age=31536000
age: 207630
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
15dbf298fc5c3f79b34abf59118cc01c
c48dc908b9aa86adb5017683a23b625d8fd1b955
9061294bc67906630f52dfdb486941691a8b9291b938c032076cef3f7bf21ce7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0

63.250.38.12

200 OK

26 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (1512)
Size
26 kB (26101 bytes)
Hash
450eb0228369ffc72316f932d2b69a5a
f0d8079fac95cca785832c1192a4e904d1a9ab42
68d7cbd396f3c5909423758d43333dd2f2d754a54b369d2151f972e81b9b5ddc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 26101
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5

63.250.38.12

200 OK

10 kB

URL HTTP/2
diksuci.in/wp-includes/css/dist/block-library/style.min.css?ver=5.8.5
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (33376)
Size
10 kB (9960 bytes)
Hash
cf64bd69df964ad7baacebb5f165288e
3b43b33729294f0378142606559dac91d56919f8
f8d581c3f1abb40a8a24d79f47abe7b7b4ea24207160d0e260d06ca0cdebcb19

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9960
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4

63.250.38.12

200 OK

557 B

URL HTTP/2
diksuci.in/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
557 B (557 bytes)
Hash
22abae7a448d0f1ce2d2c9e1c2d4f08f
2591e602d87b77bf7cf543f133f15678c596148f
48510198ab1b793ab7fccda6568222ce27d6ad0abfbe69f38589d0c73161991a

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 557
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0

63.250.38.12

200 OK

54 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
54 kB (53636 bytes)
Hash
3763ff780b48d68ea724950acc57e0ee
f05240f745d29eb9469e0047f673ec1f516a1d0c
6c8e222276e96134f5a0e516e0d6aeec09eb8271c22c68e999a17c9d92d6dcfd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53636
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8

63.250.38.12

200 OK

1.4 kB

URL HTTP/2
diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (7000), with no line terminators
Size
1.4 kB (1384 bytes)
Hash
fe8f85d3f830bd940a4889738923915e
64d2e90c61624e7f97780d1c87e7050b461e35f5
f03c6e40c3f9688009f70fc115c1136b1aef6a9162e8bf0886e325317a88a19c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/devvn-image-hotspot/frontend/css/ihotspot.min.css?ver=1.1.8 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1384
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1

63.250.38.12

200 OK

11 kB

URL HTTP/2
diksuci.in/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
11 kB (11216 bytes)
Hash
be4878615004b04d9b65776f78324fa5
d4206bfe0586746d1555aa2de20e58cc5f1fce8c
912184b81c58bd007618284df9aee4bc04a5e2a4f037ea09620770fac119f4ab

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.1.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11216
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4

63.250.38.12

200 OK

12 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (54622), with CRLF line terminators
Size
12 kB (11561 bytes)
Hash
e01da17f0ce741529c7d2db23ca0b34c
ebdd20f264875932dc35d3f8e4c1b7d3558b92b6
405661a34f7c2ea5a898c46bdf5e57fd9be34b8ee378e47bd413ee7f8e4c4d41

HTTP Headers

GET /wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11561
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4

63.250.38.12

200 OK

12 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with CRLF line terminators
Size
12 kB (11464 bytes)
Hash
7337edc7c32afa535cdf384213cdc536
4c84f18eff8fa068f56775c100598b5016da4f22
5028b4834a940714ddfa3dc5150d656cdbd6f91c716eb5a3b50b706c757cf0d9

HTTP Headers

GET /wp-content/plugins/mystickyelements/css/mystickyelements-front.css?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11464
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/animated-headline/css/style.css?ver=4.0

63.250.38.12

200 OK

2.6 kB

URL HTTP/2
diksuci.in/wp-content/plugins/animated-headline/css/style.css?ver=4.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
2.6 kB (2555 bytes)
Hash
7918309c7a53171d4ff1a1670d3ce80a
5393acaa93015f02795b7a51162890b3b6127a0f
996d28030dd40dd0640a174533ebd88623b1269886a88f9a549267bb19adc1ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/animated-headline/css/style.css?ver=4.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: text/css
last-modified: Thu, 19 Sep 2019 15:50:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2555
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

63.250.38.12

200 OK

31 kB

URL HTTP/2
diksuci.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
31 kB (31425 bytes)
Hash
c2606f5e24691c4290619a4b19373d8f
922629d2120b88704c134eca3e9b9a8f2744586a
dd31d2d0e41db4143258210d332762e0b8d91c4d126b2939eeb727f36c0926f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 31425
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

63.250.38.12

200 OK

5.1 kB

URL HTTP/2
diksuci.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
5.1 kB (5135 bytes)
Hash
78acb1c805c40091d2cec1f705645ecc
d23218f4c89a46af8c62c9b5e04fd9c615e9760c
eb63ca867bd2ec22fc80c9474338903fc992a271d5bacf13d7953bd1d88c4865

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5135
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6

63.250.38.12

200 OK

6.7 kB

URL HTTP/2
diksuci.in/wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (23975), with CRLF line terminators
Size
6.7 kB (6723 bytes)
Hash
d14f2e96b9f8d5a6aa31eff7d902118b
6dbf3ef2f309171abe7a38badcdfe78074eb9965
254f881e75555b23e471a74c833aad12e0021d304d88c55832979698dcb6b4ff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wp-video-lightbox/js/jquery.prettyPhoto.min.js?ver=3.1.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6723
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6

63.250.38.12

200 OK

2.4 kB

URL HTTP/2
diksuci.in/wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (2281)
Size
2.4 kB (2388 bytes)
Hash
47636b4f6e26d0965b62191f301c7746
cb8c17ab29cb5ed393bb807cdcfdd0d9e8012cc2
86f2e1cede3030dd6956206b0aeb1ab03587f6ca3c022fee4d091ba1292dd658

HTTP Headers

GET /wp-content/plugins/wp-video-lightbox/js/video-lightbox.js?ver=3.1.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:31 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2388
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4

63.250.38.12

200 OK

3.7 kB

URL HTTP/2
diksuci.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2493)
Size
3.7 kB (3699 bytes)
Hash
c55c26689e34922f764cca71d72ccb55
98403a63984d1edd4738b08acf8072b63c08c2d8
d87a7b318251e1de8da28c61854cd9505d30f15744275df53c238a8110319e1a

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js?ver=7.10.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Sat, 07 Mar 2020 10:59:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3699
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0

63.250.38.12

200 OK

6.2 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2305)
Size
6.2 kB (6201 bytes)
Hash
d23b9b3780dd0c9ed63a143a2f4b4ca3
aa0e4070f6bbc43bea6a24596993f59de07d3e0d
2e9176a5b3768fe1ab819cbdcb22169a2a77f23fcd3375e212807bea7cdf32c1

HTTP Headers

GET /wp-content/themes/nanosoft/assets/js/theme.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6201
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4

63.250.38.12

200 OK

4.9 kB

URL HTTP/2
diksuci.in/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2281)
Size
4.9 kB (4936 bytes)
Hash
5fc4ec6fc1e2c66f148f089537738f5b
edac825ca86a2c3104f990ab1c2718192b230f68
145ef03bab838e598ad8bf79a4f30f70a156e8f30350b9fa4a6b826c83dd5b9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4936
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8

63.250.38.12

200 OK

5.1 kB

URL HTTP/2
diksuci.in/wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (13412), with CRLF line terminators
Size
5.1 kB (5086 bytes)
Hash
b3bc7cb8886d36449b9ae290f35b6176
d51d9418f6e2b8ce93f27ec4397442bf9e0ccede
d6722158b4ac8d856e4c5fd987ec1d4fb809171254c69cec4210e69f51177e7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/devvn-image-hotspot/frontend/js/jquery.ihotspot.min.js?ver=1.1.8 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:15 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5086
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1

63.250.38.12

200 OK

9.4 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (30272), with no line terminators
Size
9.4 kB (9426 bytes)
Hash
fcb826db1309ce221297f39da86ce1dc
83a14dfcab597c33b5c609976693c89cae08eadd
d976444820fa738e44472bd298b6db5112325483ac5b86448526b5abb30d5c94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mailoptin/src/core/src/assets/js/mailoptin.min.js?ver=1.2.19.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 16:14:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9426
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6

63.250.38.12

200 OK

6.4 kB

URL HTTP/2
diksuci.in/wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (20441)
Size
6.4 kB (6350 bytes)
Hash
81dd3028da9fd5819efa5ac9529220f3
a22aa784aec5153d693f1877b11b87b8cdf0d586
5e38788f98f07f1b07bef0e1fcae5a0f9fe6d7fcfd76530184b8fa00b45c8663

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/page-scroll-to-id/js/page-scroll-to-id.min.js?ver=1.6.6 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6350
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9

63.250.38.12

200 OK

2.4 kB

URL HTTP/2
diksuci.in/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (6641), with no line terminators
Size
2.4 kB (2408 bytes)
Hash
0c5151ea09d7e24a53173d929b02def3
22cf8650910afc888c65dd030705c2a0e5eb9d6c
4ec9e621c4892fbc4f4f13bf582d8adeedb39c55a7100e2e770f53454c3e603f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.1.9 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2408
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4

63.250.38.12

200 OK

1.8 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3548), with CRLF line terminators
Size
1.8 kB (1832 bytes)
Hash
4101995a38f08d4de618e7dc9910665e
fb9e7f6d7ace366ab214cb9d079a29526d560d46
20bf2497a0dbf231869d4c01acdb550aafedaefb42a72782a74db167da369f18

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mystickyelements/js/jquery.cookie.js?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1832
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4

63.250.38.12

200 OK

4.1 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2294), with CRLF line terminators
Size
4.1 kB (4143 bytes)
Hash
571480df9fbfe206fd9e9f5f4ec804b5
83383af98e65e080d5ddee5f66d60cd4100db9ed
3c2a50f24e02aa1b5bfd2c493c646b9090e5f823049a08b8420b01be7a9b5790

HTTP Headers

GET /wp-content/plugins/mystickyelements/js/mystickyelements-fronted.js?ver=1.7.4 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4143
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0

63.250.38.12

200 OK

2.6 kB

URL HTTP/2
diksuci.in/wp-content/plugins/animated-headline/js/main.js?ver=1.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2284)
Size
2.6 kB (2601 bytes)
Hash
b883e153b31337363daa28495594ed15
e65a83866f924bb80827f1f9c96cc0ef4040c644
30f1deb074e09503e4d844bb9c3762d3434550e738dda38037af7fef4cbc270d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/animated-headline/js/main.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:13 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2601
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5

63.250.38.12

200 OK

1.8 kB

URL HTTP/2
diksuci.in/wp-includes/js/wp-embed.min.js?ver=5.8.5
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (3672)
Size
1.8 kB (1773 bytes)
Hash
03adb8f8f25e1e1a8e797042dd02adde
4f0de244aaffa97d9534c2cef33c80e82d38cd31
f03eb768eec6e68e435b15426a8e7444805fcc02bd17af775b94fe8f7800b25b

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:07 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1773
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5

63.250.38.12

200 OK

5.7 kB

URL HTTP/2
diksuci.in/wp-includes/js/wp-emoji-release.min.js?ver=5.8.5
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15224)
Size
5.7 kB (5668 bytes)
Hash
5661dfbe4dde987a3c6756930978e94c
c7b3d82153d9398944c01555c0f1a09345aca96d
541e0edb98e5b8f3d1a951c4d98ee84e6c95ae404af8b3cf5632bcd40094ff73

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.8.5 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 16:38:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5668
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/uploads/2020/03/logo200x200.png

63.250.38.12

200 OK

17 kB

URL HTTP/2
diksuci.in/wp-content/uploads/2020/03/logo200x200.png
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 200 x 145, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (16780 bytes)
Hash
9287066be794d5ec75c7f1a690313b75
1c583abc3307eadbdbe1fa85bf063929e4db5d45
7396312e33f8bf8520ca852a25567618d4ade3563e98f56c8edc87c5bdf32308

HTTP Headers

GET /wp-content/uploads/2020/03/logo200x200.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: image/png
last-modified: Sun, 01 Mar 2020 08:53:34 GMT
accept-ranges: bytes
content-length: 16780
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0

63.250.38.12

200 OK

50 kB

URL HTTP/2
diksuci.in/wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32005), with CRLF line terminators
Size
50 kB (50302 bytes)
Hash
788bc5f34834eb37a84228631d4dddb9
6b9caf7acdaf504a2fa5d46e2d07cb7809c80693
3dbecde4cd293eb99d6fefee3f1305e41668a6cf63d2db63103dca03a8f80eb2

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/revolution.tools.min.js?ver=6.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50302
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1

63.250.38.12

200 OK

66 kB

URL HTTP/2
diksuci.in/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64288)
Size
66 kB (65915 bytes)
Hash
5ef002d125f640b1691d2ff7413df084
2cf9cd9dc41e325d21d5e332ec5742e8261f2f40
36f97d8dc4c96c42ff4914fb896753818287e924ea6a644ba2260538cb3c4a41

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.1.1 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:50:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 65915
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 40602
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.163

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:00 GMT
expires: Thu, 28 Sep 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 40671
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.163

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 40672
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0

63.250.38.12

200 OK

109 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
109 kB (109186 bytes)
Hash
99348789f306029ca874755675f0b878
894f7058d241016b86d0d06363c94870d6dd28ae
64a60038f67e6a9e42321b429bb196d7da5e819f2c5a9868fa2d275d39bd6cf0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/js/components.js?ver=1.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:49 GMT
content-type: application/javascript
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 109186
date: Thu, 29 Sep 2022 06:48:49 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/img/search.svg

63.250.38.12

200 OK

813 B

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/img/search.svg
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- exported SGML document, ASCII text, with very long lines (1308), with CRLF line terminators
Size
813 B (813 bytes)
Hash
e9eaca5b5876642c077bef88c3836fec
155ccff26c758aa71de6c1f9ee9fcb67569cdad9
28c1c3ffce7943b768291938765d3f76efcc44ea6ed1f33cd3f8acb0ab47defa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/img/search.svg HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 813
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/img/search-w.svg

63.250.38.12

200 OK

847 B

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/img/search-w.svg
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1164)
Size
847 B (847 bytes)
Hash
e3e15d4685bef3e3c0e481a84c4cb880
cb33f9ef93e3a8d870d0279fbe448d3b4461f72f
ed7af5c692f73eb006c2152de2eaa304c761d6bc5fd83fd48a663877c0f0ba55

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/img/search-w.svg HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/style.css?ver=1.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: image/svg+xml
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 847
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

63.250.38.12

200 OK

77 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-length: 77160
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

secure.gravatar.com/avatar/?s=80&d=mm&r=g

192.0.73.2

200 OK

1.3 kB

URL HTTP/2
secure.gravatar.com/avatar/?s=80&d=mm&r=g
IP
192.0.73.2:0
ASN
#2635 AUTOMATTIC

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 80x80, components 3\012- data
Size
1.3 kB (1323 bytes)
Hash
1127a8ec43092614d584219c5bc7f114
d2632fef16f0a845bb730f4f33605af59a9baefe
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

HTTP Headers

GET /avatar/?s=80&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 06:48:52 GMT
content-type: image/jpeg
content-length: 1323
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <http://www.gravatar.com/avatar/?s=80&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="none.png"
expires: Thu, 29 Sep 2022 06:53:52 GMT
cache-control: max-age=300
x-nc: HIT arn 2
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Thu, 29 Sep 2022 06:41:09 GMT
expires: Thu, 29 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 463
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2

63.250.38.12

200 OK

14 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 13584, version 329.-17695\012- data
Size
14 kB (13584 bytes)
Hash
7980a6361c25b4665dbbe92d4488783c
22516802ef9ac878298519c18ffab11769ee6cd7
9da8be2e5def63c77f53ed660306098debe21d622c79756180a4a626ba21c6af

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mystickyelements/fonts/fa-regular-400.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 13584
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611

64.233.165.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611
IP
64.233.165.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-159991197-1&cid=1984200476.1664434129&jid=277065050&gjid=363985915&_gid=2073358771.1664434129&_u=YGBAgUABCAAAAE~&z=746228611 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://diksuci.in
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://diksuci.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Sep 2022 06:48:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
253e735983d6b98808235295de508f8b
e47aa9e4c679c5215cd2d20cd3dcd7ce58fde86d
c4e13af46f6ab54af9a8d5a68fe5c12d8a5c41ed829568380bdeca8c729f1da5

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 06:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

diksuci.in/wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0

63.250.38.12

200 OK

188 kB

URL HTTP/2
diksuci.in/wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
TrueType Font data, 15 tables, 1st "FFTM", 14 names, Macintosh\012- data
Size
188 kB (188508 bytes)
Hash
24712f6c47821394fba7942fbb52c3b2
1b0a0de084905946a20300ca8c354865dec46764
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/nanosoft/assets/fonts/ionicons.ttf?v=2.0.0 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/wp-content/themes/nanosoft/assets/css/components.css?ver=1.0.0
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/ttf
last-modified: Thu, 19 Sep 2019 15:46:53 GMT
accept-ranges: bytes
content-length: 188508
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2

63.250.38.12

200 OK

75 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 74656, version 329.-17695\012- data
Size
75 kB (74656 bytes)
Hash
9f4ce3dc689981a1b87faab0f5484f9e
1b33b1246610585c440e464b04df64cf0cea1dca
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mystickyelements/fonts/fa-brands-400.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 74656
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2

63.250.38.12

200 OK

74 kB

URL HTTP/2
diksuci.in/wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 74328, version 329.-17695\012- data
Size
74 kB (74328 bytes)
Hash
64b3e814a66c2719b15abf8f7998bd73
fa5c5d34c7c375aa3e101f0b8104b6cdbcacd6a6
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mystickyelements/fonts/fa-solid-900.woff2 HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://diksuci.in/wp-content/plugins/mystickyelements/css/font-awesome.min.css?ver=1.7.4
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:51 GMT
content-type: font/woff2
last-modified: Mon, 02 Mar 2020 11:34:49 GMT
accept-ranges: bytes
content-length: 74328
date: Thu, 29 Sep 2022 06:48:51 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png

63.250.38.12

200 OK

16 kB

URL HTTP/2
diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15492 bytes)
Hash
61695850fcb751f9a08e99824382c619
36bd5811eaa6f6832f70bb1afc1c2b8b42f7cc05
dedb6488f1a87e8bc5d98df3313f7ca546f0efa2e410ddd667b87ecb555111e9

HTTP Headers

GET /wp-content/uploads/2020/03/cropped-logo200x200-1-192x192.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Cookie: mo_page_views_counter=1; mo_is_new=true; mo_has_visited=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:52 GMT
content-type: image/png
last-modified: Sun, 15 Mar 2020 12:42:08 GMT
accept-ranges: bytes
content-length: 15492
date: Thu, 29 Sep 2022 06:48:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png

63.250.38.12

200 OK

1.3 kB

URL HTTP/2
diksuci.in/wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png
IP
63.250.38.12:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1254 bytes)
Hash
112fc0bb279fdc21e66c4e3b91d443cd
797bf682d696f34fa6abb75c474b151277a0b19c
83b953b201c4e376b6ec1edbd06fefd5f08c83a7b9ff887e9eb21119fe927d83

HTTP Headers

GET /wp-content/uploads/2020/03/cropped-logo200x200-1-32x32.png HTTP/1.1
Host: diksuci.in
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/UsDt.zip
Cookie: mo_page_views_counter=1; mo_is_new=true; mo_has_visited=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 06 Oct 2022 06:48:52 GMT
content-type: image/png
last-modified: Sun, 15 Mar 2020 12:42:08 GMT
accept-ranges: bytes
content-length: 1254
date: Thu, 29 Sep 2022 06:48:52 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins%3A400%2C500%2C600%2C700&ver=5.8.5 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://diksuci.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 06:48:49 GMT
date: Thu, 29 Sep 2022 06:48:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations