allainternational.co.ke/new/auth/sf_rand_string_lowercase6/bWljaGFlbC5zY2hvZmllbGRAY2xlYXJlc3VsdC5jb20=
200 OK
0
URL
User Request
GET
HTTP/2
allainternational.co.ke/new/auth/sf_rand_string_lowercase6/bWljaGFlbC5zY2hvZmllbGRAY2xlYXJlc3VsdC5jb20=
IP
ASN
#36024 AS-TIERP-36024
Certificate
IssuerLet's Encrypt
Subject*.allainternational.co.ke
Fingerprint8D:07:BF:FF:A0:28:5B:CF:61:6E:AC:6A:9C:3E:4F:4C:9E:EB:6D:FE
ValidityMon, 10 Apr 2023 03:38:40 GMT - Sun, 09 Jul 2023 03:38:39 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
GET /new/auth/sf_rand_string_lowercase6/bWljaGFlbC5zY2hvZmllbGRAY2xlYXJlc3VsdC5jb20= HTTP/1.1
Host: allainternational.co.ke
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 29 May 2023 02:59:04 GMT
server: Apache
X-Firefox-Spdy: h2
afgpat.ilkinmet.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7ceb7aaf78db0b65
42
URL
afgpat.ilkinmet.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7ceb7aaf78db0b65
IP
Magic
GIF image data, version 89a, 1 x 1\012- data
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Analyzer
Verdict
Alert
fortinet
Malware
GET /cdn-cgi/images/trace/managed/js/transparent.gif?ray=7ceb7aaf78db0b65 HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 29 May 2023 02:59:04 GMT
content-type: image/gif
content-length: 42
last-modified: Thu, 25 May 2023 08:39:03 GMT
etag: "646f1ea7-2a"
server: cloudflare
cf-ray: 7ceb7ab0be24b523-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Mon, 29 May 2023 04:59:04 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
403 Forbidden
7696
URL
User Request
GET
HTTP/2
afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
IP
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7864), with no line terminators
Hash
43f55cb0945beff7b0eccf68fb18a65d
e36a3d3161bcf498a71e04190c6f8faf06282621
ec77ec185b738ec16dfde283c0371c1f84aee4dfcff5e9b71c529813c6417aa3
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
fortinet
Malware
GET /Mmichael.schofield@clearesult.com HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Mon, 29 May 2023 02:59:04 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GbdM6Zo62WwkWun1qJQCuRtR9YrbXh1PsZQo6idfZSN8ZBInu1lvWXiXpzaKiITCUlnyI8jD26eNJxPnlF7UgnC%2B%2BT6CmEdv5CMTU0aIEPiMm0mk0xTXJsU3XNrbjkZLwvubODcT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ceb7aaf78db0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
afgpat.ilkinmet.com/jm/3f24b82876873deb32e4a1f3ef36535e647414fb9301f
200 OK
7309
URL
GET
HTTP/3
afgpat.ilkinmet.com/jm/3f24b82876873deb32e4a1f3ef36535e647414fb9301f
IP
Requested by
https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Magic
ASCII text, with very long lines (7344), with no line terminators
Hash
f335e180c66cfa35ea3152a33884ec67
0b99d4d6d595e23b8c864f9c39d16813f886e850
7e317dfd820ab1a6759f565d267e82ecb5bd797b6fe89be4858f0174b709c324
Analyzer
Verdict
Alert
fortinet
Malware
GET /jm/3f24b82876873deb32e4a1f3ef36535e647414fb9301f HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Cookie: cf_clearance=feKDmM3vJNoWG6C9OxsZCZqktOWci9Peps67AY32pL0-1685329144-0-160; PHPSESSID=9a5855d06624e99f4eb4d2d117afb0b4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 02:59:09 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 05 Jun 2023 02:59:08 GMT
last-modified: Mon, 22 May 2023 12:05:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dgW7tNq6zp7If28lpkS3l89XjGN%2BEYJJfEneSNaHXTEkjP20TV4yu3B0ByQKikEZ7cyT08u9tEQBkT3HAG7DrrC%2F6Reg587zqnIjKjXMkYXPXxP8pKMZIsgBCWRnVLlaUK%2FDL%2BGI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ceb7ac78f4fb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios@1.4.0/dist/axios.min.js
200 OK
31842
URL
GET
HTTP/2
unpkg.com/axios@1.4.0/dist/axios.min.js
IP
Requested by
https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Magic
ASCII text, with very long lines (31803)
Hash
6470a918ba1fd4b8d0882df0269ddb82
97814fdab64aa7d1b30f082f9eb272d4b1ce18a2
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
GET /axios@1.4.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afgpat.ilkinmet.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 29 May 2023 02:59:08 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI"
via: 1.1 fly.io
fly-request-id: 01GZP8TZEXW4PFCT61FHX2WRTS-fra
cf-cache-status: HIT
age: 2028240
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ceb7ac7c983b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2
afgpat.ilkinmet.com/boot/3f24b82876873deb32e4a1f3ef36535e647414fb9301c
200 OK
51039
URL
GET
HTTP/3
afgpat.ilkinmet.com/boot/3f24b82876873deb32e4a1f3ef36535e647414fb9301c
IP
Requested by
https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Magic
ASCII text, with very long lines (50758)
Hash
67176c242e1bdc20603c878dee836df3
27a71b00383d61ef3c489326b3564d698fc1227c
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
Analyzer
Verdict
Alert
fortinet
Malware
GET /boot/3f24b82876873deb32e4a1f3ef36535e647414fb9301c HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Cookie: cf_clearance=feKDmM3vJNoWG6C9OxsZCZqktOWci9Peps67AY32pL0-1685329144-0-160; PHPSESSID=9a5855d06624e99f4eb4d2d117afb0b4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 02:59:08 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 05 Jun 2023 02:59:07 GMT
last-modified: Mon, 22 May 2023 12:05:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrbthqOMdVEXYaUY3zViYNcTunpHKOLfoyg9OfGU8Yd83E%2BQlaK9Ok1ofbrjFqNXBFpuaFixh0mNIUTRs6WIO166fs4bAF5SGDhwqMVIBQ9kQX%2FHjoDOzt2EAWTf9si2seXOItEP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ceb7ac78f4db523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
302 Found
7351
URL
User Request
POST
HTTP/3
afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com
IP
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer
Verdict
Alert
urlquery
phishing
Phishing - Microsoft Outlook
fortinet
Malware
POST /Mmichael.schofield@clearesult.com HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com?__cf_chl_tk=CmTzlLf4SjaczHJac8xEg5MLNiQ3amHgMBsX9UwqjLo-1685329144-0-gaNycGzNC7s
Content-Type: application/x-www-form-urlencoded
Content-Length: 3169
Origin: https://afgpat.ilkinmet.com
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 29 May 2023 02:59:07 GMT
content-type: text/html; charset=UTF-8
location: ./beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
set-cookie: cf_clearance=feKDmM3vJNoWG6C9OxsZCZqktOWci9Peps67AY32pL0-1685329144-0-160; path=/; expires=Tue, 28-May-24 02:59:06 GMT; domain=.ilkinmet.com; HttpOnly; Secure; SameSite=None
PHPSESSID=9a5855d06624e99f4eb4d2d117afb0b4; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0IxV09zimG%2FvsXSQqggKKHZ0hpD4FI%2BpE7iufC2Dt4QSAum6%2BQ7z8jS84HTZDTPPunta1sAxOqNfB9kKcXilQQo%2FXuRI3LcJ%2FN8zewv%2F67sKJArTfVlPhZ9X8pNvh3c%2Fyllw5eEJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ceb7abb7a04b523-OSL
alt-svc: h3=":443"; ma=86400
afgpat.ilkinmet.com/jq/3f24b82876873deb32e4a1f3ef36535e647414fb93019
200 OK
85578
URL
GET
HTTP/3
afgpat.ilkinmet.com/jq/3f24b82876873deb32e4a1f3ef36535e647414fb93019
IP
Requested by
https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Magic
ASCII text, with very long lines (32065)
Hash
2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Analyzer
Verdict
Alert
fortinet
Malware
GET /jq/3f24b82876873deb32e4a1f3ef36535e647414fb93019 HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Cookie: cf_clearance=feKDmM3vJNoWG6C9OxsZCZqktOWci9Peps67AY32pL0-1685329144-0-160; PHPSESSID=9a5855d06624e99f4eb4d2d117afb0b4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 02:59:08 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Mon, 05 Jun 2023 02:59:07 GMT
last-modified: Mon, 22 May 2023 12:05:30 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eIH%2FJcviigslHYE5qdt9wSuhQi27QyTRhDL6XubJtzAOTDJuuVr8jXMlzXJPjqlQXiep%2BLj9kBURC%2FjPlk3lqZnbb0reNix5cxOzBCpUhTtz%2BwR7oSpMklEJ9ORdSI2xpbfWFv2s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ceb7ac78f4cb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
unpkg.com/axios/dist/axios.min.js
302 Found
31842
URL
GET
HTTP/2
unpkg.com/axios/dist/axios.min.js
IP
Requested by
https://afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://afgpat.ilkinmet.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 29 May 2023 02:59:08 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.4.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01H1JPYPVDRR5DKPCEVM9ZCCG4-arn
cf-cache-status: HIT
age: 172
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7ceb7ac7a97ab51d-OSL
X-Firefox-Spdy: h2
afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
200 OK
7351
URL
User Request
GET
HTTP/3
afgpat.ilkinmet.com/beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49
IP
Certificate
IssuerGoogle Trust Services LLC
Subjectilkinmet.com
Fingerprint78:81:BB:EC:D7:9D:8C:86:13:76:14:67:50:B9:46:E5:09:9A:5B:34
ValidityWed, 10 May 2023 07:12:05 GMT - Tue, 08 Aug 2023 07:12:04 GMT
Magic
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7407), with no line terminators
Hash
5251f7b7f3b20c52492459fca4c4813a
9d974b8d4a3006269777f8c72c7aef1a7da64bce
55fd46a87cc9ffd346df09b84ae73c332477292e0a1c10927fa89e92cf13759b
Analyzer
Verdict
Alert
fortinet
Malware
GET /beebb091955c06fa68b3eb8afc0bae51647414fb86b47PASbeebb091955c06fa68b3eb8afc0bae51647414fb86b49 HTTP/1.1
Host: afgpat.ilkinmet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://afgpat.ilkinmet.com/Mmichael.schofield@clearesult.com?__cf_chl_tk=CmTzlLf4SjaczHJac8xEg5MLNiQ3amHgMBsX9UwqjLo-1685329144-0-gaNycGzNC7s
DNT: 1
Connection: keep-alive
Cookie: cf_clearance=feKDmM3vJNoWG6C9OxsZCZqktOWci9Peps67AY32pL0-1685329144-0-160; PHPSESSID=9a5855d06624e99f4eb4d2d117afb0b4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 29 May 2023 02:59:08 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2Bfs9w6xZYajcB%2Filq05Wdt%2BQBGYcLZKBcEI2aTdyb1BSq6ugdA2wK6LfzljBWLm2dFNwjGUWi9qnhBp2ch56Xgn4MgtV0hQbfDhN%2BtTZHIN1vEhaegCsJJxVFLqZxVWG6bo5A%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ceb7ac6bf0ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
174.136.57.185
104.16.122.175![URL afgpat.ilkinmet.com/cdn-cgi/images/trace/managed/js/transparent.gif?ray=7ceb7aaf78db0b65](/search?q=http.url.addr:"afgpat.ilkinmet.com%2fcdn-cgi%2fimages%2ftrace%2fmanaged%2fjs%2ftransparent.gif%3fray%3d7ceb7aaf78db0b65"){kind=link}