r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e997bec759570aa0db03e31bf013cc2
948fd8263ab0b40f75eaf9495f76a7f39f39d5f9
853f97990fe10ccb34066b1e73e93dac45794f42fb745b266b6a46b9e26d52e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "853F97990FE10CCB34066B1E73E93DAC45794F42FB745B266B6A46B9E26D52E9"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6271
Expires: Sat, 29 Oct 2022 03:12:45 GMT
Date: Sat, 29 Oct 2022 01:28:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 922281894182eba1fc67c2d8678e3238
e169209341b09bf4f14ebb3fc7c07b03f2121bf1
37516083f7655af68d7e426efca6f9f3709a80318ac7bb8cc492c183916141b1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4463
Cache-Control: max-age=119835
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 01:28:14 GMT
Etag: "635ba15b-1d7"
Expires: Sun, 30 Oct 2022 10:45:29 GMT
Last-Modified: Fri, 28 Oct 2022 09:31:07 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42d84e61e6aa4d3cce623adccfafc3e2
0dba69e98be53c153a6726ff934b2d55feb20d75
2f53662c68c9ea7be85837310861c8007fd039e5e4d8eb8f0d8948d5d1571a03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2F53662C68C9EA7BE85837310861C8007FD039E5E4D8EB8F0D8948D5D1571A03"
Last-Modified: Thu, 27 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2701
Expires: Sat, 29 Oct 2022 02:13:15 GMT
Date: Sat, 29 Oct 2022 01:28:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 8wIDtO8PB7y/YtkoZNy3BlU5wYvgtjT6O2es+eXaKmLp11UnE8D2duMVQzA6v3tY/G3W/0SWCr0JWOukyGuL4g==
x-amz-request-id: S0XZ3MZF1H11TZZE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 29 Oct 2022 01:10:29 GMT
age: 1065
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
nrfilterfabrics.in/ult/qakbot.zip
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/qakbot.zip
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/qakbot.zip HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:14 GMT
server: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 29 Oct 2022 01:28:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,300,400,700,900
142.250.74.10 200 OK 432 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:100,300,400,700,900
IP 142.250.74.10:0
Hash e141e32d1114e28e714857ac655df013
3d3253fae51694b279f7c6482bfb96b84918117b
14fd78c0c5510b97df0507a27d68e3a1efcd5e4969b3a381cd68ecb4b10c16c8
GET /css?family=Lato:100,300,400,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 29 Oct 2022 01:28:14 GMT
Date: Sat, 29 Oct 2022 01:28:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
142.250.74.170 200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32072)
Hash d38e2944bbc9ae54b8947a2bd0b9a932
782a825679b248d38979c2d7ecae257873344437
65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 32954
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 27 Oct 2022 21:53:55 GMT
Expires: Fri, 27 Oct 2023 21:53:55 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 99259
fonts.googleapis.com/css?family=Bree+Serif
142.250.74.10 200 OK 338 B URL HTTP/1.1 fonts.googleapis.com/css?family=Bree+Serif
IP 142.250.74.10:0
Hash 8e0b71e932dc5d7a802377abfa801164
5f9543c2f7d46e6efa70f1e83df7f242643e0e6c
e8d5798e3f2d4db794b498b42700d63bd80f75940e63d566ece33ca835f70b0d
GET /css?family=Bree+Serif HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 29 Oct 2022 01:28:14 GMT
Date: Sat, 29 Oct 2022 01:28:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Open+Sans:400,300,700
142.250.74.10 200 OK 683 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400,300,700
IP 142.250.74.10:0
Hash 811aba771f53232088791a691dc2e85a
b4b83e106290e8a51b537f2ed50d10e99f184b9a
1f11e7aa985aa9d4a8ccfe4afda98e022b600a53592955344e23f8a9109ad3ec
GET /css?family=Open+Sans:400,300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 29 Oct 2022 01:28:14 GMT
Date: Sat, 29 Oct 2022 01:28:14 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
nrfilterfabrics.in/ult/css/style.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/style.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/style.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:14 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/bootstrap.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/bootstrap.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/bootstrap.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:14 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/animate.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/animate.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/animate.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/wow.min.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/wow.min.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/wow.min.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/jquery.min.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/jquery.min.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/jquery.min.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/modernizr.custom.53451.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/modernizr.custom.53451.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/modernizr.custom.53451.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/jquery-ui.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/jquery-ui.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/jquery-ui.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/jquery.gallery.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/jquery.gallery.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/jquery.gallery.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/JFGrid.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/JFGrid.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/JFGrid.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/JFCore.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/JFCore.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/JFCore.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/jquery-ui.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/jquery-ui.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/jquery-ui.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/JFForms.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/JFForms.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/JFForms.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/JFFormStyle-1.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/JFFormStyle-1.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/JFFormStyle-1.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/move-top.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/move-top.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/move-top.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 6b7c0ce49b8ebb90707ec439581bc979
1affe02f362f59f8acaaa2cc16185fc2942a82cf
99057099a66b378f0825443f175ad6f84a9f69c0abb8f8db546eb348de4facb4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1479
Cache-Control: max-age=111792
Content-Type: application/ocsp-response
Date: Sat, 29 Oct 2022 01:28:15 GMT
Etag: "635b8d98-1d7"
Expires: Sun, 30 Oct 2022 08:31:27 GMT
Last-Modified: Fri, 28 Oct 2022 08:06:48 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
nrfilterfabrics.in/ult/js/easing.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/easing.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/easing.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider3.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider3.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider3.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider7.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider7.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider7.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider5.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider5.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider5.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider4.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider4.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider4.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider6.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider6.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider6.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/logo.png
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/logo.png
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/logo.png HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
push.services.mozilla.com/
52.41.98.34 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.98.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: C7R/Les+mL/0IcxPBfx4Ig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 41o5zY+Jrn2H3Kr3NVPiebA2FFY=
nrfilterfabrics.in/ult/css/animate.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/animate.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/animate.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:15 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider1.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider1.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider1.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider2.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider2.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider2.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/style.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/style.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/style.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/js/jquery.min.js
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/js/jquery.min.js
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/js/jquery.min.js HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/jquery-ui.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/jquery-ui.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/jquery-ui.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d74fd61a9f3caa5eada0b6b9f7154475
eb94382c5deaf0de61635a7d4ecc89928ef84e65
b8fe819d80e3dbca42f89e4654dfb96aa886892d265b475c7e23c780120aa5cd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8FE819D80E3DBCA42F89E4654DFB96AA886892D265B475C7E23C780120AA5CD"
Last-Modified: Thu, 27 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13623
Expires: Sat, 29 Oct 2022 05:15:19 GMT
Date: Sat, 29 Oct 2022 01:28:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ab38f9f7924c7ee9271368faf55a2ee
2508c0e5c7471244baa94fbc97769e5a19641a34
c314c69fc7e82538b2694da79c93a909620a1820e9ef8a25c3d8b675118e3e79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97b6c4b-9ae3-43f9-a0be-52e33d2041b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7268
x-amzn-requestid: 2426674e-b28d-47c2-a32c-7275864a418c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: apxNRF57IAMFtAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635a2f21-3a8349e635018e2d6400a13b;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 07:11:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZGZUUir8a2FA7VzAmP1cc6SJr8-nXbb8rjIEaYBWZWaSgITHWY2cig==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 07:18:19 GMT
age: 65397
etag: "2508c0e5c7471244baa94fbc97769e5a19641a34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nrfilterfabrics.in/ult/css/JFGrid.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/JFGrid.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/JFGrid.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/css/JFFormStyle-1.css
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/css/JFFormStyle-1.css
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/css/JFFormStyle-1.css HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:16 GMT
server: LiteSpeed
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif
34.120.237.76 200 OK 34 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif
IP 34.120.237.76:0
File type GIF image data, version 89a, 296 x 148\012- data
Hash 423fe309a7d018c0564073e394e3f08a
be17adacd18cd27ee9eab147ee4f32580b81a3eb
be1e605b8b0a99b36e840b4e68a51406f1939d4ec336e198d732ae5bc65e3a3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc477e6f4-5465-4015-8cda-b0b253104c06.gif HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 34164
x-amzn-requestid: 3d1d19d6-daee-41df-a204-e5535c2afca0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIlA0GVGIAMFqZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634ce86b-4fc7c6c975e48aea30d0438f;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 05:30:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HMhfM9y-b5bsT7vHJDTTnhawI3CcI5xPM3e-QqEJjtZYxGXit33V9g==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:51:37 GMT
age: 12999
etag: "be17adacd18cd27ee9eab147ee4f32580b81a3eb"
content-type: image/gif
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: c1eef336-bec0-47f0-bd30-17de593de8f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: asgW3E8uIAMFpgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b475e-60346ff475ec335e0499d17f;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 03:07:10 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: P3-UxGtr6HKLtsZUHXV_4CgAd3LQBceo_1NUwrfWhWoGoTEKS7KGAw==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:44:56 GMT
age: 22578
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8326b70116b95839cb92a20987ff62bf
e39efc9edc67abdbc8b67e56ea3aa3f169600055
9bb70165db081deb009c8da7f4fcafff66bf4f3ce68c88dd11b21ab1665f8a30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49fb8fa0-61f2-4078-986f-12a6dab52ed2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8381
x-amzn-requestid: affd1381-e8d6-406e-bdfd-43095e110aa9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCJEHAUoAMFQPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a39-738547cc62556b0f6cc604cf;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:37 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FpVYEpuzxdqeInQrm5_-ZU4tLonMfDWY3D3DxRd0JD3uh4emzrgklA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:44:56 GMT
age: 13400
etag: "e39efc9edc67abdbc8b67e56ea3aa3f169600055"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb0edd4c-e6e8-4c25-ac9a-e3701004e856.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb0edd4c-e6e8-4c25-ac9a-e3701004e856.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a11bf07ea9377fadcb6cd7b343e56d4b
4f2f2d1fc8b0fc43c469672e884d57ae9e974368
a6804985570e25c066108b1fb8555ab6d67c533b370ff66fec7736f7fb52b9c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdb0edd4c-e6e8-4c25-ac9a-e3701004e856.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7098
x-amzn-requestid: 175c4749-cc9f-40b8-af93-cd69f62d06a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: avCGnE-NoAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635c4a2a-64c4923c2850cc467b738450;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 21:31:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZcPPBppGPiPvF-2m_kkPWS4xxJcSMEzA9JXQ-hOtgbHnYLfIiVLidQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 21:50:01 GMT
age: 13095
etag: "4f2f2d1fc8b0fc43c469672e884d57ae9e974368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08dc8195-80b5-41fa-a5cd-b0bb44072b0c.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08dc8195-80b5-41fa-a5cd-b0bb44072b0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 146f86a561cb46170f482f06a95b63ee
19a0a4eb1e396b958de5406fba58e9d94c92d6c7
ffb65219c904fa391d4879dedfe319b7adb601bce809c63f25e1bf95f3ba3030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08dc8195-80b5-41fa-a5cd-b0bb44072b0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5655
x-amzn-requestid: a9d3a921-a6a1-4425-a2d8-b26fefbd8ec5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: af25SHnCoAMFuJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6356383b-41baf7e718f95502497ef36c;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 07:01:15 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FUH6VNRi61sXkAnPHCYYTpb28QZcrMu_Jttb-0sLUlF62horpQsiyA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 28 Oct 2022 08:58:38 GMT
age: 59378
etag: "19a0a4eb1e396b958de5406fba58e9d94c92d6c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nrfilterfabrics.in/ult/images/slider1.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider1.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider1.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider2.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider2.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider2.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider5.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider5.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider5.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider3.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider3.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider3.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/logo.png
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/logo.png
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/logo.png HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider4.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider4.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider4.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider6.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider6.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider6.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/slider7.jpg
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/slider7.jpg
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/slider7.jpg HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed
nrfilterfabrics.in/ult/images/title.ico
103.138.188.110 200 OK 6.3 kB URL HTTP/1.1 nrfilterfabrics.in/ult/images/title.ico
IP 103.138.188.110:0
ASN #139035 GBLINK NETWORK SOLUTIONS PRIVATE LIMITED
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (680)
Hash f8b17fc861213fa7d3384d3a7fc4bbac
f884299fd6c7c9402e4ce723c2b940e9d0cd0bee
f10e06b286e0764a5b9dfe460d84ee3e29951154481673654d7fd6c9c6e1a341
Analyzer Verdict Alert quad9 Sinkholed
GET /ult/images/title.ico HTTP/1.1
Host: nrfilterfabrics.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nrfilterfabrics.in/ult/qakbot.zip
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-length: 6306
content-encoding: gzip
vary: Accept-Encoding
date: Sat, 29 Oct 2022 01:28:17 GMT
server: LiteSpeed