ocsp.starfieldtech.com/
192.124.249.22 2.1 kB
IP 192.124.249.22:0
Hash 0184ccac2a48d9d50c13ae6fe572218d
ca86c774e154a484d6520f90985cab5a1f823c13
7964dfb2a9b2411ed0e2f611790843e76bdeb15a86b64f07b97ec23eb75f7cb3
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 29 Nov 2023 12:51:41 GMT
Content-Type: application/ocsp-response
Content-Length: 2148
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Wed, 29 Nov 2023 05:35:05 GMT
Expires: Thu, 30 Nov 2023 05:35:05 GMT
ETag: "ca86c774e154a484d6520f90985cab5a1f823c13"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ambujagroup.com/gkonf/rentfree.zip
192.124.249.175 301 Moved Permanently 0 B URL User Request GET HTTP/2 ambujagroup.com/gkonf/rentfree.zip
IP 192.124.249.175:443
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /gkonf/rentfree.zip HTTP/1.1
Host: ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 29 Nov 2023 12:51:42 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.ambujagroup.com/gkonf/rentfree.zip
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-redirect-by: WordPress
vary: User-Agent
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.ambujagroup.com/gkonf/rentfree.zip
192.124.249.175 404 Not Found 162 B URL User Request GET HTTP/2 www.ambujagroup.com/gkonf/rentfree.zip
IP 192.124.249.175:443
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /gkonf/rentfree.zip HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: Sucuri/Cloudproxy
Date: Wed, 29 Nov 2023 12:51:43 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
X-Sucuri-ID: 19025
Location: https://www.ambujagroup.com/gkonf/rentfree.zip
www.ambujagroup.com/gkonf/rentfree.zip
192.124.249.175 404 Not Found 55 kB URL User Request GET HTTP/2 www.ambujagroup.com/gkonf/rentfree.zip
IP 192.124.249.175:443
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Hash ea74c541561b3e2eefdaf106e3dacd59
c9e4a186c0cf3a5cbd7243b8d173ee03f6f5a2e9
4b8129145982ba54754a3734672a9d14242a8aea793d1e3e8c7aacb6e9e0a539
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /gkonf/rentfree.zip HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Nov 2023 12:51:42 GMT
content-type: text/html; charset=UTF-8
content-length: 55419
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ambujagroup.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.ambujagroup.com/gkonf/rentfree.zip
192.124.249.175 404 Not Found 55 kB URL User Request GET HTTP/2 www.ambujagroup.com/gkonf/rentfree.zip
IP 192.124.249.175:443
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Hash ea74c541561b3e2eefdaf106e3dacd59
c9e4a186c0cf3a5cbd7243b8d173ee03f6f5a2e9
4b8129145982ba54754a3734672a9d14242a8aea793d1e3e8c7aacb6e9e0a539
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /gkonf/rentfree.zip HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Nov 2023 12:51:43 GMT
content-type: text/html; charset=UTF-8
content-length: 55419
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ambujagroup.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: HIT
X-Firefox-Spdy: h2
code.jquery.com/jquery-2.1.1.min.js
151.101.130.137 200 OK 30 kB URL GET HTTP/2 code.jquery.com/jquery-2.1.1.min.js
IP 151.101.130.137:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32061)
Hash e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /jquery-2.1.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-14915"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 29 Nov 2023 12:51:43 GMT
age: 6460105
x-served-by: cache-lga13620-LGA, cache-bma1651-BMA
x-cache: HIT, HIT
x-cache-hits: 52, 21962
x-timer: S1701262304.508752,VS0,VE0
vary: Accept-Encoding
content-length: 29482
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/uploads/2020/02/logo-1.png
192.124.249.175 200 OK 144 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/uploads/2020/02/logo-1.png
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type PNG image data, 1500 x 220, 8-bit/color RGBA, non-interlaced; data
Size 144 kB (143879 bytes)
Hash e3c2446a39395a72501525bea07cface
17bc04f8326786ba1a4d0599b4dfb9148d401009
9b3bf422f305f51d7e10f3e9966e1ee844d1c1ba253498f20babba4a36bcacbb
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/uploads/2020/02/logo-1.png HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:43 GMT
content-type: image/png
content-length: 143879
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 12 Feb 2020 06:17:48 GMT
etag: "18412e9-23207-59e5aee6e3b00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ambujagroup.com/wp-content/uploads/2020/02/logo-1.png
192.124.249.175 200 OK 144 kB URL GET HTTP/2 ambujagroup.com/wp-content/uploads/2020/02/logo-1.png
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type PNG image data, 1500 x 220, 8-bit/color RGBA, non-interlaced; data
Size 144 kB (143879 bytes)
Hash e3c2446a39395a72501525bea07cface
17bc04f8326786ba1a4d0599b4dfb9148d401009
9b3bf422f305f51d7e10f3e9966e1ee844d1c1ba253498f20babba4a36bcacbb
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/uploads/2020/02/logo-1.png HTTP/1.1
Host: ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:43 GMT
content-type: image/png
content-length: 143879
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 12 Feb 2020 06:17:48 GMT
etag: "18412e9-23207-59e5aee6e3b00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
192.124.249.175 200 OK 14 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (57084)
Hash 99ab466e0866c823ae5db517d59cebd1
5595a586cbd42b31377681b9d35293278d75d336
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:43 GMT
content-type: text/css
content-length: 14499
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Mon, 06 Nov 2023 08:10:32 GMT
etag: "1724b20-1add3-60977634cce00-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-11058404206
142.250.74.168 200 OK 72 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=AW-11058404206
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3026)
Hash ac75e88966aa7b8839c76e621eb4dd2c
160093a80c781af0c94dacd16cfda203a9f337ed
b029a0318b5f25ff6093b2fb67f0ea0e245eb8106f387e21dcaffa0789217ee0
GET /gtag/js?id=AW-11058404206 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:43 GMT
expires: Wed, 29 Nov 2023 12:51:43 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Nov 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72301
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-KZD028QFL7
142.250.74.168 200 OK 92 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-KZD028QFL7
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 3df4e0860a29b2a4a35fd96cc5ae27f4
29d7bf8557bc0d782efdb335b759109363239de3
a3eab361a089e961c75ce224eba759f21ccf3f56a92f6af3793ba8dfc73b867c
GET /gtag/js?id=G-KZD028QFL7 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:43 GMT
expires: Wed, 29 Nov 2023 12:51:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92504
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-153682107-1
142.250.74.168 200 OK 69 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=UA-153682107-1
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash bb9a6e1d81d2f688d46505174d8351f0
64b59ee56b129651931dd29c7eebda41893c8665
9fc537bd8fb1b470a07384e3b9c83e27fa075e8e88aefebbb60cf71f6533d0ff
GET /gtag/js?id=UA-153682107-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:43 GMT
expires: Wed, 29 Nov 2023 12:51:43 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Nov 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68654
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-KZD028QFL7&l=dataLayer&cx=c
142.250.74.168 200 OK 91 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-KZD028QFL7&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (4179)
Hash 09a2922915389143f52ad8c9a10f3d2e
89b2f6b841958c87f19723250044cd8becf09977
1909aa402d833eac5f630f8767bc9bbfcf951ab2c6f4de644904a36b2b001542
GET /gtag/js?id=G-KZD028QFL7&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:43 GMT
expires: Wed, 29 Nov 2023 12:51:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 91411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-256356418-1&l=dataLayer&cx=c
142.250.74.168 200 OK 65 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=UA-256356418-1&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3026)
Hash 2cd2592b0f448d890a3d8f138c36b69a
8b65741d4bae9b83d18ee2ee8111ca5c8809286d
5cbabc3337c1bfee5e6c0e6ef763eb0eb1427345cd6545f9d5b6b3f13e4f34ab
GET /gtag/js?id=UA-256356418-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:43 GMT
expires: Wed, 29 Nov 2023 12:51:43 GMT
cache-control: private, max-age=900
last-modified: Wed, 29 Nov 2023 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64705
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
192.124.249.175 200 OK 1.0 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash 3fd2afa98866679439097f4ab102fe0a
dbc9c4139e49d0d9fb41b7191aad1a2db6c555fd
ccd31ffa708d025833f954b3e0560cedd58df9a0d2706b2ccee5f501c5b2467b
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1015
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 16 Nov 2023 09:57:00 GMT
etag: "1720915-b4e-60a420a77b300-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/ultimate-timeline/public/inc/css/timeline_view.css?ver=6.4.1
192.124.249.175 200 OK 1.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/ultimate-timeline/public/inc/css/timeline_view.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 5bc6080d9eb2dae1b010ccbbe1783e90
ba144d8a1a330578f010078f343b6db8dbd44393
81716b0ec870572fcf62ecb6927d536f1a14ab22c019e29c583527add67a9fd7
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/ultimate-timeline/public/inc/css/timeline_view.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1193
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:24 GMT
etag: "1aa188f-1c61-60ace09cd6b61-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=1.3.4.5
192.124.249.175 200 OK 121 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash ba27abeff3c90668720eb2c541dc70e8
26bfdc33ffa598f64fdd157adba422f3563ee00c
cb768427b4b6dffc8f9204b7117c8a93aed74879c3acbbad212487116851e01e
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_author/css/by_author.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 121
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3075-ad-60ace0a344bcd-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.3.4.5
192.124.249.175 200 OK 5.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash a75f876b6b669706df9f3488dea5c3b9
9f6857a68be221cfab5dbe0b4a208e198cf5dc6b
5947ff35c1f7b88677b6c3691842e5bbacea638446983d9634b26f2324067194
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/css/front.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 5120
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ac10e4-7007-60ace0a344014-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/css/ultimate-timeline.css?ver=6.4.1
192.124.249.175 200 OK 570 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/css/ultimate-timeline.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 25d0fb396ec7fc8bedc8652a6ff834b4
ad9510bb7134d78e0a8aa2ad49bf0df55d23e300
4be25c716a5d4c53e3604f4358b12d8689240332efeb1bcdef3a5accb1dd0e9f
Analyzer: mnemonic secure dns | Verdict: malicious | Alert: Sinkholed
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /wp-content/plugins/ultimate-timeline/assets/css/ultimate-timeline.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 570
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:24 GMT
etag: "19e1375-4aa-60ace09cd2ce1-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.3.4.5
192.124.249.175 200 OK 1.3 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash f0801854a35c38b6d572d0cf8c48e367
4483b43385dff9fd5533058a8c59928e7fdf5bec
06ef43ae286914056cbbf2afc8635b3356b5c0583b65b12a7a187b0af56025c4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/css/front.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1346
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba30b3-146c-60ace0a346ef5-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.3.4.5
192.124.249.175 200 OK 441 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 49113a6154066ec51a1078a6a65ceb85
19e651061513824c70e047425beaa4bbc9b125dc
52a3238eb4f69b23460873761b79b536727ce5cfb5cba906580936fa5a4a3243
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/label/css/html_types/label.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 441
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3125-527-60ace0a370320-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/checkbox.css?ver=1.3.4.5
192.124.249.175 200 OK 1.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/checkbox.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash ba59fca991ff2a77584c00bb8e344230
1f9baa6216a449671dce2b3ff710fd5e26678f1f
c61d82de69be98cf6febc84c3dc04fac05c94b3f6caf649a180e3571bc19bf41
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/checkbox.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1523
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31ad-260c-60ace0a377080-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=1.3.4.5
192.124.249.175 200 OK 57 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash ae05454bfa9eafdd539ecb721db561b1
68a03accab000fa2b2d0556046824c3021662bed
8eb89d2bb8b869be57155a88be05665fe7d92de9ab74e6ba00deaa412e84642d
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_instock/css/by_instock.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 57
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba308b-41-60ace0a345785-br"
vary: Accept-Encoding,User-Agent
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.3.4.5
192.124.249.175 200 OK 2.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (372), with CRLF line terminators
Hash 2a6908cf9629ebd78894691d88d031f1
f99959f84676fde4741f35314550c13d00128fda
d1721da3207d1ea1dca29f39d4b0a12e2d8038c582438095fb0ffcf9bf65ed3a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.min.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 2106
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a7e-279d-60ace0a3d295f-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/faq-schema-for-pages-and-posts//css/jquery-ui.css?ver=2.0.0
192.124.249.175 200 OK 3.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/faq-schema-for-pages-and-posts//css/jquery-ui.css?ver=2.0.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1188)
Hash 61a28b372c16d866e0840c7ad41f0b9c
3311a067a47816eb86f88857fa58a195bb79336a
9d8f82c45b478f1a5b6945e093836b3f52dd160470090a30e4baa0173d8cb2b3
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/faq-schema-for-pages-and-posts//css/jquery-ui.css?ver=2.0.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 3578
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 06 Nov 2020 18:56:44 GMT
etag: "17c0c87-4995-5b374c60ef300-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/css/bootstrap.min.css?ver=6.4.1
192.124.249.175 200 OK 24 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/css/bootstrap.min.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (65326)
Hash a4b3f509e79c54a512b890d73235ef04
1be37b62306c8c0c6775bb4c93c5e4c4e13d9775
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/ultimate-timeline/assets/css/bootstrap.min.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 24186
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:24 GMT
etag: "19e099c-279d8-60ace09cd28f9-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/front.css?ver=1.3.4.5
192.124.249.175 200 OK 240 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/front.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 4aeb66aa9fd6af1a80ae53b9af3016b8
60108cfca03a97166ad8e5e7559895239753329d
fc00eadfcb4b3f943a3488fbe87aab9ac6aaaf5431ff45680fd9dae8c1f393c5
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/front.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 240
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31b1-202-60ace0a377468-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/tooltip.css?ver=1.3.4.5
192.124.249.175 200 OK 335 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/tooltip.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 4e3ada8b5ad0f95d6d097048d05b815a
e552114de79d250ebe411a33414bfa141455bde6
7d0f6f91dc84be36642eed3f03953066afa3ba0e59544abfd706ca34c558bced
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/tooltip.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 335
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31b7-303-60ace0a377468-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/css/switcher.css?ver=1.3.4.5
192.124.249.175 200 OK 1.0 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/css/switcher.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 1ebdded2cceb731fd3c112fd866a4a1c
eaba5b3711a25aa78d79413d9e6ec915487fce4a
5a5f1b12c22b8e6462ae9822cbd42e2640f4e8ed8b9382db6bffa1c876da347b
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/css/switcher.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1027
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ac10e9-10c1-60ace0a3443fc-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.3.4.5
192.124.249.175 200 OK 55 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 3d5f75eaae34fd56d371d29d743525ef
e387eb018cd3c21b15e9385142c8ebd82c33ad73
fec13d7a11bfa84117e620109a2172ead39cb667d6a51346acff640c177480c7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/css/by_onsales.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 55
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3091-3b-60ace0a345b6d-br"
vary: Accept-Encoding,User-Agent
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/style.css?ver=6.4.1
192.124.249.175 200 OK 267 B URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/style.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash 969035a82adc1133632c085ddae84b01
9e182498b828e4422b5ba885b07100ffef395da2
c37b21da06e52cc12deba9d8987e057944217c9222a4a5224ab21a23a8cddfbe
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/style.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 267
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:33:56 GMT
etag: "1820fae-1bc-5aff03d1ee500-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/radio.css?ver=1.3.4.5
192.124.249.175 200 OK 1.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/radio.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 65ce44e2fd12d44db29b6be7eacdfe02
a38c0fca9a7c380c7aabee262046c63f7aceefb4
e88d5bae8fcb64a6d5b1218e16dc7b5b1806a340fb5d7dabe5c9042f728b852b
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/radio.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1510
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31af-25bf-60ace0a377080-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/color.css?ver=1.3.4.5
192.124.249.175 200 OK 1.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/color.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 4945a7bf3b77aa5d88c7c5a4063220c6
7c18fb4442421dde9251a58f63d0f92ee8e0879c
0db6eb5b8b67cb79b766f94d9b68f8e6e429b532dfb8b52008b01d843b1838e7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/color.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1097
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31ae-172b-60ace0a377080-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/switcher.css?ver=1.3.4.5
192.124.249.175 200 OK 1.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/switcher.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 88857b4d7fa41f83dc2485715fa3f5ee
fe3c472f1c5742b2146d1b8559e64af7df6d0431
4cd618b229faef10a93b50f5e9de4e195631979856e110c929ee0917eeb56dc0
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/css/elements/switcher.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1582
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31b0-2408-60ace0a377080-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=1.3.4.5
192.124.249.175 200 OK 839 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash a5e04e452f72ccea47c97caea1a94efe
813997c7657c8a9779e1436661ca9e07d89d7627
3365adcfbc47a1f560777ecd6a1e0d71a8d095c9cff30d1d6f1e8ad70edaa2e2
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/css/html_types/select_radio_check.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 839
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba318f-ceb-60ace0a375cf8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/style.css?ver=3.8.3
192.124.249.175 200 OK 267 B URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/style.css?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash 969035a82adc1133632c085ddae84b01
9e182498b828e4422b5ba885b07100ffef395da2
c37b21da06e52cc12deba9d8987e057944217c9222a4a5224ab21a23a8cddfbe
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/style.css?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 267
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:33:56 GMT
etag: "1820fae-1bc-5aff03d1ee500-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
192.124.249.175 200 OK 4.9 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (13479)
Hash 9ffeb32e2d9efbf8f70caabded242267
3ad0c10e501ac2a9bfa18f9cd7e700219b378738
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 4872
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 09 Jun 2023 18:19:24 GMT
etag: "1724d18-3509-5fdb66894a300-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.4.3
192.124.249.175 200 OK 6.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.4.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (38599), with no line terminators
Hash 5e93c9e812daf9de6a6c5a9c4376c6ba
e3b36f4ada72bfb20673510c0b738c73a2542ad4
144ee8fd3d8997d932fe2b5497979e7cde8fda86b41b0c6e32e47faa8e1157e7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/wp-job-openings/assets/css/general.min.css?ver=3.4.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 6453
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:59:04 GMT
etag: "19e139a-96c7-60ace0c387ad8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
192.124.249.175 200 OK 30 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (65447)
Hash 826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 30368
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 29 Aug 2023 05:44:22 GMT
etag: "1724d20-15601-604094d845980-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.8.3
192.124.249.175 200 OK 30 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (339)
Hash 044e8c021f02362ee178ceb6152317c3
0e5f9d2e49db13d8b6084c489a39508b7b0fc2c6
381da4050ab2ccbce0da5fc5a8393a8b187c4c45dceb183c7b14f100b526ec0e
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome.css?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 29500
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 06 Jul 2023 09:20:04 GMT
etag: "1842833-2681f-5ffce058b84f8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/responsive.css?ver=6.4.1
192.124.249.175 200 OK 6.9 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/responsive.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash fd112408d3370132ac1a465ef26e9caa
20f93fdb34082a548d274ecb24e6893513cba475
6453b170ed2e79bcd6b626824e72d6ef39a81e82da67e0313c7b1e4cf45c0fe1
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/responsive.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 6930
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:33:54 GMT
etag: "1820fa1-7eee-5aff03d006080-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.css?ver=6.4.1
192.124.249.175 200 OK 910 B URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (396)
Hash 110d50e967ba827521c12fd44a89b14a
9ce66c4e549897aaae86b0bcf403f4b0ef918eba
a38981951eefadb19c99c7dcc506e27b5fb08505ee29c6aa3c9fd3c4831189ff
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 910
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:37:04 GMT
etag: "1820f73-e81-5aff048538c00-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
192.124.249.175 200 OK 187 B URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (368)
Hash 0a562076dc9cf2d69817b7fc435b06cb
42732451f6f4cae6021f39caa5457d54f3c178b3
28f4c609a2b8bc8fe9f7309107c7c9ba63d2880ff4080924dbf7ff46ab4d79f4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 187
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:37:40 GMT
etag: "1840060-171-5aff04a78dd00-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/ultimate-timeline/includes/fa-icons/js/min/awesome.js?ver=6.4.1
192.124.249.175 200 OK 1.7 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/ultimate-timeline/includes/fa-icons/js/min/awesome.js?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (3949), with CRLF line terminators
Hash c210a5cc64528dd2242bac2fd8c3f054
723033c862b306d18f46d9b22e37e74c46fb5c9b
7f9a3d2058f34dd4631b78001642335cf53be98fed573ba6685d2024d246b8f3
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/ultimate-timeline/includes/fa-icons/js/min/awesome.js?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1717
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:24 GMT
etag: "1a40633-1060-60ace09cd6779-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.3
192.124.249.175 200 OK 542 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash f121cbe481654c96ce787303a88233a9
85381754c57b743d3f3d4afef31e802175be215f
cedc9155263d1f634191e71f3c9ce256b315f833e375739ed0e65087996428cc
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/cf7-conditional-fields/style.css?ver=2.4.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 542
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 15:39:03 GMT
etag: "1c00e8c-651-60ad3a2a00d23-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.4.3
192.124.249.175 200 OK 4.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.4.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (18821), with no line terminators
Hash 714c22b27eec895ff7b20fa8e5a34259
841d624e5501f717f0348204e86880b63f56274d
36b74f0c72674951730e13d210bf20cbab196d2b93b00871195e03116dffc9d8
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/wp-job-openings/assets/css/style.min.css?ver=3.4.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 4087
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:59:04 GMT
etag: "19e139c-4985-60ace0c3882a8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1
192.124.249.175 200 OK 1.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash ac7eef7756c1ad7d9df33edae9f60e5d
fb334d6bdf233b1c0b3a3658c0763e5916eda4b0
92b4feff9bb6c863075d35cd38d989cc254f99489f574338def1949904027d42
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=8.3.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1091
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 09:00:40 GMT
etag: "1c0295e-bdd-60ace11f151e6-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.8.3
192.124.249.175 200 OK 5.4 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (22186)
Hash 4d6f2f806a2bd92f9830c4e60e41b5f2
b442c8b2f5aec522bcea9aae087a6b721e492b65
1129f7b23ba293c5046adac49496b29d3729b862571dd24795b7c9d8713ceb99
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 5373
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:37:38 GMT
etag: "1840063-56ae-5aff04a5a5880-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1
192.124.249.175 200 OK 3.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (9242)
Hash ef56117d1bb5cc41aa6bd127a49c7640
b9c2ed774177fc0fceba5cb58113024b23fe4fb7
d151f8c0b2659cfb63704d68654ad8d9437ae9da4410536f63ddec21689a0620
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.8.3.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 3537
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 09:00:40 GMT
etag: "1c0297a-25a4-60ace11f16186-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.3.4.5
192.124.249.175 200 OK 3.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Hash a8ba392811f25287f703fbb671cef367
12397b1ae07de84fc8b74922ee904706f433882c
729e6ee2e9503b994a4fd37d69819e730ad4f1e719465c95da1b7d13702eab37
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/husky.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 3090
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba30b8-4075-60ace0a3472dd-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1
192.124.249.175 200 OK 980 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1679)
Hash 53e07784d8fab2f50b99ff9868124992
d8739feb2845a3fa4a8c085aeabc4eb0e6945590
1533d5bc82424a9a3ac37a7fe543925909d25715d16938b9e02c728c86fd86e8
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.8.3.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 980
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 09:00:40 GMT
etag: "1c02992-735-60ace11f1750e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1
192.124.249.175 200 OK 799 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (2139), with no line terminators
Hash 6d3b3d63df025e97f370c5efab2c96da
78c0c8e7504f9314b2e9fd714bbab530af52f2af
8c0b5e384ae00c512f4bb1ba5e2fe622fab4bfc541c99555df38c19c329d3fe6
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=8.3.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 799
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 09:00:40 GMT
etag: "1c02978-85b-60ace11f16186-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/inc/js/responsive-modernizr.min.js?ver=2.6.1
192.124.249.175 200 OK 6.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/inc/js/responsive-modernizr.min.js?ver=2.6.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with very long lines (19080), with no line terminators
Hash 7c8306423254465ca9ff23cc98c3c467
e0892757fba897cb62e6566c69c0758779446d81
dedf6e55c698c13a5f4a5d6fde91f8d76d5c24052bca93c7ec40ada710c7c936
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/inc/js/responsive-modernizr.min.js?ver=2.6.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 6529
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 21 Nov 2023 11:15:20 GMT
etag: "1842832-4a88-60aa7b7dbaff7-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/uploads/maxmegamenu/style.css?ver=d73ed6
192.124.249.175 200 OK 6.0 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/uploads/maxmegamenu/style.css?ver=d73ed6
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (990)
Hash b81395eb71b0e148bf67b4719f54000c
a8fd90a43e2f1ffeb960f04d728c1bf5277c3cfd
46e69a824acdffaed468088fa9a68d4df37ac70aa50788b05ce50213a0abc66e
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/maxmegamenu/style.css?ver=d73ed6 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 5981
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 30 Aug 2022 10:48:39 GMT
etag: "18816db-106ca-5e7731f7f3a32-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.min.js?ver=6.4.1
192.124.249.175 200 OK 10 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.min.js?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (32068)
Hash ffaa3c82ad2c6e216e68aca44746e1be
2fa7c468110fa68f1f3df6718daf971871623ee9
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/admin/owlcarousel/owl.carousel.min.js?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 10522
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 21 Nov 2023 11:07:54 GMT
etag: "1821114-9dd1-60aa79d4374c5-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/admin/shuffle/jquery.shuffle.min.js?ver=6.4.1
192.124.249.175 200 OK 4.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/admin/shuffle/jquery.shuffle.min.js?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (12821)
Hash 54fcfddd4e512c1b92cd0b5486e6ca8f
ffb953e2d036ff0d72aeaac3d8b8587358fc4b3f
6592712c1dfa4fcf94be74b77fa551283c7678cb939b11553e06e69f41dcb024
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/admin/shuffle/jquery.shuffle.min.js?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 4481
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Tue, 21 Nov 2023 11:12:51 GMT
etag: "1842afa-32cd-60aa7aefa15f7-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.3.4.5
192.124.249.175 200 OK 285 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1324), with no line terminators
Hash 6d3035233d2c82f23c066a798e85c17c
b440a7cebe6ad450c02f98035c1dc9de212e4cce
a1782a1a429aa942bddcfa3f5511e8b8de26cc27b2f65fbce7958e3b9f236432
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/css/plugins/tooltipster/sideTip/themes/tooltipster-sideTip-noir.min.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 285
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4ba7-52c-60ace0a426925-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/css/jquery.tabSlideOut.css?ver=1.3.4.5
192.124.249.175 200 OK 796 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/css/jquery.tabSlideOut.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 7069fcf0131d1cd4373b057a0068631d
1867d7c4c66b453ea7ae8a77d590aa1eb0274946
fd2ddc9da27d480f7132e68befbbe816d27d9458729114333f79ad379c882cf7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slideout/css/jquery.tabSlideOut.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 796
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba319a-af2-60ace0a3764c8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=1.3.4.5
192.124.249.175 200 OK 2.3 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 3d4d609cb797d814e1fd61884655369e
15b14d8aa4e700bd427eb8f41ddfcc8f26137925
14af20b23d76695748c501722b61735ded1ac82088a00af8468d032457664e08
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/css/ion.rangeSlider.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 2333
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4b89-3693-60ace0a3d6faf-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/sections/css/sections.css?ver=1.3.4.5
192.124.249.175 200 OK 406 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/sections/css/sections.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 9e03309fa680617cbc974b28232779f6
5f158364bf06122d8fdbabb68ebe5a4bc84922b6
6fd34c39c36a60773f839a5ccc2f989064001caca25f5b625352e18455c0a02b
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/sections/css/sections.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 406
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3182-4c7-60ace0a375528-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/app.js?ver=4.4.0
192.124.249.175 200 OK 9.8 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/app.js?ver=4.4.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (25805)
Hash c4d360e3e32c3682c8eb09dea7f20430
d7a3cf11628be5ea6a34331a961f9e87d77e05e7
bfa29ba9cf774751c0de9cf5e4d71fafddcb8eb9c9af0678eae5e1a604bf9a4c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/app.js?ver=4.4.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 9768
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c01179-6691-60af80c4db90e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/inc/js/responsive-scripts.min.js?ver=1.2.6
192.124.249.175 200 OK 4.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/inc/js/responsive-scripts.min.js?ver=1.2.6
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with very long lines (4757)
Hash 0259cf852b991374483ca7bc499b57e9
805afa5b553e7c2a0c239705511b7263501953bd
2ff512b61cc5c34682a384b90333ad370777ee301ea3079043f717560bca7942
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/inc/js/responsive-scripts.min.js?ver=1.2.6 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 4167
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 10:20:38 GMT
etag: "18406bd-2b7b-60abb12090f36-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/css/slideout.css?ver=1.3.4.5
192.124.249.175 200 OK 147 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/css/slideout.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 36df0c61411f2e7f78443eb5a1153b27
dd10b3b2e013ef854198509f4fbfe41f03b2c4e6
1c72a58ac2350fde1d347351878158775a3240620b9465c13b585e1af279cbdf
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slideout/css/slideout.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 147
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba319b-c4-60ace0a3764c8-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
192.124.249.175 200 OK 2.8 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (8632)
Hash 7849e0aa35f335f3816b71dad422ceb7
d81bb30d45fe1b5f4a92056448d4ccbca14202be
3b0a04f5aa3291e26f44613add53e1bbd56a09147f6a0b390dc4c3369dd1731d
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.13.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 2760
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 03 Feb 2023 05:06:32 GMT
etag: "1724d2b-226e-5f3c4a5104600-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
192.124.249.175 200 OK 1.8 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/imagesloaded.min.js?ver=5.0.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (4358)
Hash 6823120876c9afc8929418c9a6f8e343
90b0adb37d70ffec5f9189c36bb0027c310c9502
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/imagesloaded.min.js?ver=5.0.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1803
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 12 Aug 2023 06:48:26 GMT
etag: "1724d0b-1590-602b43755c280-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.4.3
192.124.249.175 200 OK 15 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.4.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (48764), with no line terminators
Hash beb3206bb0c4a6c21a7eee99fcc25e72
79b61b36253d5e2012093ec90c08d164825edb02
f5c4ba1964e745443a0c654fc82f22e7e540e84da7c72d20ea85451cc79a035a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/wp-job-openings/assets/js/script.min.js?ver=3.4.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 15206
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:59:04 GMT
etag: "1bc4c64-be7c-60ace0c38dc80-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
192.124.249.175 200 OK 4.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with very long lines (13182), with no line terminators
Hash 83a062cf6545b990c13b4398035a29d0
5cf24bc45fcbc6f416ea9671e089ca00ef0080d2
7ee08c60d39f5712a56938fda3e2ab10fe3ef23ec98aeb3c9a29e54f6f31ffe1
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 4191
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 16 Nov 2023 09:57:00 GMT
etag: "1720920-337e-60a420a77b300-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
192.124.249.175 200 OK 3.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (11117), with no line terminators
Hash a53a916adf48efefd5a2aa0861ebbc07
46acfa0be9dd623a7aa9bceb1344c152a8adc13b
9c1989ecd392a0c54fb799409154242706940a8e6d800542ba579dfda576bb9d
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 3212
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 16 Nov 2023 09:57:00 GMT
etag: "172093e-2b6d-60a420a77b300-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/masonry.min.js?ver=4.2.2
192.124.249.175 200 OK 7.4 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/masonry.min.js?ver=4.2.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (23966)
Hash 3b3fc826e58fc554108e4a651c9c7848
76778fd446e2ff2377588a7b4ac4d79f258427c9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/masonry.min.js?ver=4.2.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 7382
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sun, 14 Jun 2020 07:23:26 GMT
etag: "1724d76-5e4a-5a8062fa27780-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
192.124.249.175 200 OK 7.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash c4e68a0f3463c0bd3c39eab38815e881
0ce58644e9f3c5063a11453ff287c5ec096465a7
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 7099
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 03 Feb 2023 05:06:32 GMT
etag: "1724d35-53be-5f3c4a5104600-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/faq-schema-for-pages-and-posts//js/frontend.js?ver=2.0.0
192.124.249.175 200 OK 165 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/faq-schema-for-pages-and-posts//js/frontend.js?ver=2.0.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash 556a97d09a83a74c72fa0ccf633c5fd4
3498adbfcdedd566d0884dfbf8ac72261f44bcaa
739f5230427f2f479847a4cbb6ef78e5cd870e8abdf5ec69f67aaf05d86d452b
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/faq-schema-for-pages-and-posts//js/frontend.js?ver=2.0.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 165
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 07:08:48 GMT
etag: "17c08d6-bb-60ab8640953f7-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/shortcodes-ultimate/vendor/popper/popper.min.js?ver=2.9.2
192.124.249.175 200 OK 6.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/shortcodes-ultimate/vendor/popper/popper.min.js?ver=2.9.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (18506)
Hash 83e6ef063fa41ff8d8c00956a7cd3fd9
8eeb7bf71e8a978b82a1a198015f14d73d2ea592
5a07c69f9061eb12e39a031358a4f567f30a002ad6182639ac84fd1bda2f6e65
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/shortcodes-ultimate/vendor/popper/popper.min.js?ver=2.9.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 6649
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 24 Nov 2023 06:28:54 GMT
etag: "1c01098-48a2-60ae010ff5654-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.8.3
192.124.249.175 200 OK 5.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (12801)
Hash 3960cd092db74e4345b16fd14e149abb
e44d7b3001279d6b75fb31382b0fdad59be1d810
df6ddef16961409592e54a6580f75f803e3b1f3dfe0051d24b06e8cc75f67e28
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 5108
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 10:20:38 GMT
etag: "18405d2-3e06-60abb12150d95-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/js/bootstrap.min.js?ver=1
192.124.249.175 200 OK 15 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/ultimate-timeline/assets/js/bootstrap.min.js?ver=1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (62284)
Hash 2a753de0369d13becc9649fc48f55535
e324063c8f46c6b29427df1542f1026ad230f604
423217abf8775cea2dc30fa1fe3e1c5e24dc359a80f1c37ad29a86094bfe81d1
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/ultimate-timeline/assets/js/bootstrap.min.js?ver=1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 15319
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:24 GMT
etag: "19e138c-f463-60ace09cd3899-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.4
192.124.249.175 200 OK 5.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.4
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (315)
Hash 0c51d0bbe2e1c6d892a9d5178abec42a
af4e3c0aeee52d9f8d72d07ae61982304dfc97cb
0b35f88d468214d1e8ea6b50a1161cddd4984b46d3c9b13d05f00438bf894083
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=3.2.4 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 5198
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:57:38 GMT
etag: "18835d5-842f-60ace070d0f94-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.3.4.5
192.124.249.175 200 OK 10 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (31915), with CRLF line terminators
Hash ddfbb6688d9645ef9886869f089a1619
bff269a1b0a5d68308509c0ecdaed6935e415e3e
00014b038dc760afb56e34eebeb75850bc92cc04300b07578ef363934f6ceb95
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/js/tooltipster.bundle.min.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 10111
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4bb1-9b5f-60ace0a4270f5-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/inc/js/jquery.placeholder.min.js?ver=2.0.7
192.124.249.175 200 OK 1.0 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/inc/js/jquery.placeholder.min.js?ver=2.0.7
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (3305)
Hash a13cdaf4bae953a6e97f8c404ef58dc9
ad2f080b49a77de98eb70240aceb1c249df4c93c
c9ec78093689ba7f3f8e20cde4cb6779928582cc3720005d6e9207c5a107f0a1
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/inc/js/jquery.placeholder.min.js?ver=2.0.7 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1037
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 10:20:38 GMT
etag: "18406ba-cea-60abb1208f3de-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/front_builder/css/front-builder.css?ver=1.3.4.5
192.124.249.175 200 OK 1.3 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/front_builder/css/front-builder.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 8add74f56f6e65fb10adb59bd8f40e39
535f7c6df32c780a8475e18305c199a30714b7c9
e94773408d55b6f06377098ac017277f595b7d4c960d3c857f50f20e5c88fe4f
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/front_builder/css/front-builder.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1306
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba30e0-1557-60ace0a348a4d-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.3
192.124.249.175 200 OK 12 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (338)
Hash 62fe89ad32c52b2cd9db03edcc663b9a
5695367ff530c47fecff4caf60a3e5177628fcc9
f0a0d87f2d0f9b7a37982c54b57129bf7d2b74b6e401cdd9adbe43e760c89bc3
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/cf7-conditional-fields/js/scripts.js?ver=2.4.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 12424
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 15:39:03 GMT
etag: "1c00e88-d9c4-60ad3a29f8082-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
192.124.249.175 200 OK 706 B URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1464)
Hash 8c0498e2f1f7a684a8d2a3feb934b64b
76099689ccaee466d4608da621c403b368dcae03
ed5b5df9ceacfe76857ac51964972b0b417a215b2f50e837fd6b64bad7339c40
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 706
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 09 Apr 2022 08:37:18 GMT
etag: "1724d0a-5db-5dc349e6e6b80-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.3.4.5
192.124.249.175 200 OK 609 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Algol 68 source text\012- Pascal source, ASCII text, with CRLF line terminators
Hash 7b44ae303d5beb4960a2a886aaa7fbbe
837c7157c77fba71dde1052e44c77894486b3b8e
ad85ddd3fa0389253fffd7ab7c010e95b39b7f51dd3ff33d2deffb6fdf0d989f
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_text/assets/js/front.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 609
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba30b7-627-60ace0a3472dd-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=1.3.4.5
192.124.249.175 200 OK 534 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash f6e013440161732670a7625650be9874
aa74d4c0561ed04b37473469158bb4ef7fe8fbd0
18acde26d472691bc82493523d2529e17f137866a8025cef3da864e6ca2656e8
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_instock/js/by_instock.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 534
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba308e-afe-60ace0a345b6d-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.3.4.5
192.124.249.175 200 OK 810 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 55c93bcf152920593b6a5b97589a38c7
bb35133e3b11a40c965c19118138280b04c1bdff
16249857ad398bb86dab36b8735bfe91f712b22c8b57916a4472c21b0c21dff4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/radio.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 810
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a91-ee4-60ace0a3d3517-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
192.124.249.175 200 OK 3.7 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash c2c4e2a562e06e1cb22293a5b920aca6
a7b5a369ac4883f1ee7fa701b238d20238b675ca
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 3692
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 22 Sep 2023 01:56:32 GMT
etag: "1724cae-24e5-605e8eae9b400-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.3.4.5
192.124.249.175 200 OK 1.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (6495), with no line terminators
Hash b15ef24270546e5fe896d3ea387ea134
63910103e8cc5e4bdeb2c289cfbf41f89966ea5b
41ce2509fa9959868717986010e16b6334885fd46bc64d0d3c745a73ed3c41e4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/tooltip/css/tooltipster.bundle.min.css?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
content-length: 1115
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4bab-195f-60ace0a426925-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/js/jquery.tabSlideOut.js?ver=1.3.4.5
192.124.249.175 200 OK 3.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/js/jquery.tabSlideOut.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 7c41a2ea5592299fb3c4d60f27e61279
cb261843fff3901045ae96570fcff96234082d92
c5b0f918ab3d69565f5927377ae6dc154e0a69e0a35ea513cc48cf5eb2169e79
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slideout/js/jquery.tabSlideOut.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 3132
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31a1-3b3f-60ace0a3768b0-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.3.4.5
192.124.249.175 200 OK 957 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 587403662de465a14868c1904539f68c
f85469e09f16ff742ef9de8794c17bcbd4a0ba2e
ea2a1696268e56918b353880278237882485832d69310f24c6a89814a0fa820a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/checkbox.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 957
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a8f-f3e-60ace0a3d3517-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.3.4.5
192.124.249.175 200 OK 731 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash c2e2073918051e0cde2f1b6745257727
e08fe246c8a899e0189767bc13238bbb784a32ed
2f4adc9f96a6a1c5a48e9989c0803dbede961f57d7108b3ed3b6b39381a3e4cc
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/mselect.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 731
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a90-844-60ace0a3d3517-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion.rangeSlider.min.js?ver=1.3.4.5
192.124.249.175 200 OK 8.8 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion.rangeSlider.min.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (41067), with CRLF line terminators
Hash 4f764e32c97096658d0c10c875a2f0ea
961d52c0cdf1a3d7d66709f12982fb4ee79083d0
9d1c3b96827f8477ad09bbc49c7332aeb334f5804b0226bda5e2aaf4de18de52
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/ion.range-slider/js/ion.rangeSlider.min.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 8783
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4b98-a0d4-60ace0a425d6d-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.3.4.5
192.124.249.175 200 OK 567 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 1b11678a1c38aa398f14b9cb8d5018cf
0826eef957ad13a684054299be86a74e1b7712d1
ab640aeed1fb8f15919b5256291680e8454c88f3c11f8efe1ad3c957bfdf9ba9
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/label/js/html_types/label.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 567
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3128-759-60ace0a370320-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.3.4.5
192.124.249.175 200 OK 471 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 086eab1ce21d45add7f343da153de21a
c1d4ccc029d1e58e507773594b21c5efa1196886
36c5212cdf867715ea866ff5f9bc09ceef13255c501a418ed739c7ce2d53f6a4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/html_types/select.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 471
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a92-4be-60ace0a3d3517-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.3.4.5
192.124.249.175 200 OK 13 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 76a0aaecfc4a5dca30b59b2d206084d3
c5e4a79aa47760d6d8084f89571a64a5a12a4b09
7310c3524c1d7d71f5f05c1b669648bc3fd6c694b961921a78cca112a8e90499
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/front.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 12673
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a8e-1057b-60ace0a3d3517-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=1.3.4.5
192.124.249.175 200 OK 613 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash d6a6d4ace1a2aa9edf500e6c4f767da1
e7a28f9a7a1567c0e37c197d61882b40fb0e5860
caa54b09d3bd19dfd8d5acb8ff87b6ce2ef670b87d93599e83050a6f7ee45d7e
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_author/js/by_author.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 613
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba307b-a49-60ace0a344fb5-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.3.4.5
192.124.249.175 200 OK 527 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash b3e7cf9521f223f78cd8b664b0e4bd07
2c9289adeb1ab25a71a0ae96555b4725996b82c2
7ff32a3d7ed046aa58ebae8dc50fe091f825cfdb71d91b7d500aac110b60f97a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/by_onsales/js/by_onsales.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 527
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3094-ad6-60ace0a345f55-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/sections/js/sections.js?ver=1.3.4.5
192.124.249.175 200 OK 542 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/sections/js/sections.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash 0930201ed763e12313a4cfe8beb284af
a2cfd11de488d1774d3edcbb6c4a984ca904b51d
f9743f2885516ccb495dcc2fc2920b07c055b299ee51723d05de175dfb1beddc
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/sections/js/sections.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 542
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3186-58c-60ace0a375910-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/js/slideout.js?ver=1.3.4.5
192.124.249.175 200 OK 816 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/slideout/js/slideout.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash c6957067824746313ec3a4dc4083d3ce
7e536b4d1f3274dbee98cd84dca4477a31f0f5ed
651a635a436581c61eeeb4b3312461db6ccac9ccdb4f0303adda67b780a1b0dc
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/slideout/js/slideout.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 816
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31a2-acd-60ace0a3768b0-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
192.124.249.175 200 OK 256 B URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/zxcvbn-async.min.js?ver=1.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (316)
Hash c6f045d5e79f0a4f5ce90419ca598162
45d70af2ab1d5d4ff738afc052758a0242f31a00
e93e18f2f34a865e27d2d839eaccca6bec750d357f1c937980026d6d25507c2c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/zxcvbn-async.min.js?ver=1.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 256
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 24 Feb 2021 05:15:18 GMT
etag: "1724e50-15f-5bc0e1eed8580-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.3.4.5
192.124.249.175 200 OK 8.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (326), with CRLF line terminators
Hash a7f1b157cf49e8cc984dc0a8e6635be8
bb2c440b055119ba53097328870cba8fb6f17815
93cea3151f719e0aca5b794ddda867e66ab8ece294090f7d1c934ffe5a01cb2f
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/js/chosen/chosen.jquery.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 8647
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1bc4a7c-bee0-60ace0a3d2577-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
192.124.249.175 200 OK 2.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (6625), with no line terminators
Hash fd7ef2e4737acd74fd0dcdc3b515e304
0d792b33f12a48ee8aaaf2560a63a5682470645b
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.14.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 2502
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 20 Sep 2023 08:00:24 GMT
etag: "1724ceb-19e1-605c5c484d600-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
192.124.249.175 200 OK 1.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (4592)
Hash 7bd48eb3bd568033e96caf0fb62e6690
b38066999294b99d92d95db5f38bc15707eb1f22
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1567
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 22 Sep 2023 01:56:32 GMT
etag: "1724caa-1213-605e8eae9b400-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/js/front.js?ver=1.3.4.5
192.124.249.175 200 OK 732 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/smart_designer/js/front.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with CRLF line terminators
Hash 9c170a03495e57205e71f96c102f7f28
67a83255f4ca907f4b0b4e09b58df77e3d9e095a
899a84bb7610dc2bda5355dbaa4c63a9aba7116e7e8b0836df04f36384787325
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/smart_designer/js/front.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 732
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba31c3-a8f-60ace0a378020-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=1.3.4.5
192.124.249.175 200 OK 1.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=1.3.4.5
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with CRLF line terminators
Hash e00671f4cc488fa00e49b9b2e5e11605
375067d642ee6b15e633bc5b65798002d1636475
9b0c14d40f546a632e22615efd5e0a7a1999b32137af3983b27c8b1f24c9daf7
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/woocommerce-products-filter/ext/select_radio_check/js/html_types/select_radio_check.js?ver=1.3.4.5 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 1057
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 08:58:31 GMT
etag: "1ba3197-106c-60ace0a3760e0-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
192.124.249.175 200 OK 2.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (8171), with no line terminators
Hash dda652db133fddb9b80a05c6d1b5c540
60c8514c57a5db2980c4b046b0dd479bd427357b
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 2484
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 18 Jan 2023 23:46:32 GMT
etag: "1724cf5-1feb-5f2926d08e600-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=8.3.1
192.124.249.175 200 OK 782 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=8.3.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (2031), with no line terminators
Hash 2b758128d1f87c62f651efa86a5cdd91
10b67bc0b3a770c6fb2eba278328f90a5756f1bf
470579bd47eec099137dde9cc40ba3bc18b3e5739a30c36612c6b6978fac0494
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/woocommerce/assets/js/frontend/password-strength-meter.min.js?ver=8.3.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 782
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 23 Nov 2023 09:00:40 GMT
etag: "1c02970-7ef-60ace11f15d9e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
192.124.249.175 200 OK 36 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a98016751e498c06d434cc022ca1a44
6aa9af5fe436eab9c313de9f0bea072c04637624
da9ed5720b674f0d297fe621ac2d8d518c4e622bef1e9b0d4ae489dee9aa43f8
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 35888
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 27 Sep 2023 02:53:26 GMT
etag: "1724cfd-1c1b7-6064e4b9c1580-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.8.3
192.124.249.175 200 OK 4.6 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document, ASCII text, with very long lines (8803)
Hash fd5e46f594dd1732f0bbd506451c41aa
1110b2568d9349c385208c3d4fd3bc79a8ce7c6f
caf31da27e24fd5a218c1dabd48159810f0710e0efa18b34c51ebd656ada6319
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/themes/flatsome/assets/js/woocommerce.js?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 4637
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 10:20:35 GMT
etag: "18400cf-3776-60abb11e7563e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-admin/js/password-strength-meter.min.js?ver=6.4.1
192.124.249.175 200 OK 621 B URL GET HTTP/2 www.ambujagroup.com/wp-admin/js/password-strength-meter.min.js?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1088)
Hash b2e45ac2d733c572ee0b3b5dd53c7cc0
f0d35678945439784d91ded2f48936c0396095dc
fcbe9e9ff2d1c20cab10bf43dc49914e188b44ae21f34257b4a0ef5cae90f7ac
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-admin/js/password-strength-meter.min.js?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 621
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 23 Jan 2021 01:02:02 GMT
etag: "1703713-463-5b986da40f680-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.8.3
192.124.249.175 200 OK 47 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.8.3
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (19155)
Hash bf13541bfd515c05c7bc04aebd121278
f3527d4e2e4b2902dacbf7e51a83b19ece58f2d5
36ae7aa67ad80a85a95c605ee89da1ae90aed124113ff05d17f55ebcf00408c3
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/themes/flatsome/assets/js/flatsome.js?ver=3.8.3 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/javascript
content-length: 47276
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 22 Nov 2023 10:20:35 GMT
etag: "18400ce-277db-60abb11e74e6e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
192.124.249.175 200 OK 5.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Web Open Font Format (Version 2), TrueType, length 5496, version 1.0\012- data
Hash 7c6fbd8a2fc6d6788ac753dabb971aff
39d1384aa489b5d4616f8ecfe5b9f682f1a7a40a
f9ddd585e9e65c686ae9ea771a5c9ec9cb17445fe27e8ff68cfb77750fb8cd0e
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/wp-content/themes/flatsome/assets/css/fl-icons.css?ver=3.3
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: font/woff2
content-length: 5496
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Wed, 23 Sep 2020 00:39:32 GMT
etag: "184006a-1578-5aff05125d900"
vary: Accept-Encoding,User-Agent
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
104.18.11.207 200 OK 84 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0
IP 104.18.11.207:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /font-awesome/4.1.0/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: font/woff
content-length: 83760
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "fdf491ce5ff5b2da02708cd0e9864719"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 08/25/2022 04:48:59
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: be8c53bbe981ca8bee98a76ffecf0d7b
cdn-cache: HIT
cf-cache-status: HIT
age: 2
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82dafbdd4fae7128-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-J15PSCX1XK&l=dataLayer&cx=c
142.250.74.168 200 OK 81 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-J15PSCX1XK&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash 599cd1d86ecd22af42e11b1fc374a3c9
32f59ac0773196660e41fbb530d09760b6ad3340
b2bda047c6627a67132a566e69ce375f2ad24e766d305c2b76faec827132f59d
GET /gtag/js?id=G-J15PSCX1XK&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Nov 2023 12:51:44 GMT
expires: Wed, 29 Nov 2023 12:51:44 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80968
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-axios-5b534ba5fee8c845d3c9.js
192.124.249.175 200 OK 12 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-axios-5b534ba5fee8c845d3c9.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (28882)
Hash 2ed2592a03563a509372cdd3baf63997
b54b7a4f8da344d6e437221aa8c22dd2b185df4b
9afd0813d5d6b1a5c2a059cf89a714a212b36b3d95e970195f42245671d970e2
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-axios-5b534ba5fee8c845d3c9.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 11468
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c011a6-729a-60af80c4e68d6-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-core-js-faa0729f3d70b92fba4e.js
192.124.249.175 200 OK 27 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-core-js-faa0729f3d70b92fba4e.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (56464), with LF, NEL line terminators
Hash 5dacb17d82e127fd19a7e85b35b8c790
463195b3e8e3d98826117897239b900eca04e9fc
c004d75ec28fc7a3cc578d999cb041ab653718c3ffe1b5e328ee17cf3995e1f3
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-core-js-faa0729f3d70b92fba4e.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 26659
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c011a8-110ef-60af80c4e70a7-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-0425bd74b1639c1bdf96.js
192.124.249.175 200 OK 53 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-0425bd74b1639c1bdf96.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (65080)
Hash 313acc9bdec951749ff3cc9933a09c3d
7187dd7593594a78fbb0de40266fbe1548b684b3
48567ff7d1b4083619fb022da93dc21272faf6793b7f1aa07c5a18faed11064c
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-0425bd74b1639c1bdf96.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 52553
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c0123e-2235c-60af80c4eda1f-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vuex-e6385d99c7657b293e98.js
192.124.249.175 200 OK 4.4 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vuex-e6385d99c7657b293e98.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (13108)
Hash 4e45afb9fb05cd087f891ebaca3b7fe2
554f9cb2db19c02afedde1262239bd7c9e197dc9
7f2d4adba0c50dcaaa00c9d05acf21021802123f482d3f0d3434d6fef8e0c610
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vuex-e6385d99c7657b293e98.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 4351
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c01241-34fc-60af80c4ede07-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-numeral-6f21eae20bb07c910c8f.js
192.124.249.175 200 OK 4.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-numeral-6f21eae20bb07c910c8f.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (11075)
Hash f374b983bc7a6e867af19f8356fc7319
3cdb0f6ee4835df7e7a2e1ee088c6dc0efe68e04
fda231253ab72d1887e7af8057c9bfdca4f30ad7d549c313f487b82034552294
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-numeral-6f21eae20bb07c910c8f.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 4223
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c0123a-2de1-60af80c4ed637-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/main-9808b71e0d9896ced049.js
192.124.249.175 200 OK 11 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/main-9808b71e0d9896ced049.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (34023)
Hash 3e20496220bae419776754f25067445b
df5da22a4aa90a1853c29eeda9c70098cfc00f33
8e8fb2bc1cf88a3c0fc30ace495bee3d4cf770aaf171f92a5256d92c8b880c8c
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/main-9808b71e0d9896ced049.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 11041
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c01191-86d2-60af80c4e554e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-main-5efa756aefb4b69a3b46.js
192.124.249.175 200 OK 20 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-main-5efa756aefb4b69a3b46.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (59630)
Hash 6f49683b4e82b0d05af5dba6b22f1620
5541127c28abf1667091ef84db5375e4b3eb668b
56a9ef17ad596a63e60bfa5baacf20c4279d4be423ace7eb7436adfffe18c6d7
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-main-5efa756aefb4b69a3b46.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 19580
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c011b1-ed6e-60af80c4e842f-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/main.css?hash=c24e1f1a33eb07df2fd1
192.124.249.175 200 OK 25 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/main.css?hash=c24e1f1a33eb07df2fd1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (56845)
Hash e5dcb76e7936c90161dea6dbc4590177
50bfaa17793e5fcf2a1545ce0bfd28081fe4987b
fbacd303bc83ce697fc367573e43e257d452d9ee4214a47bb7830bb50ffdf0d6
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/main.css?hash=c24e1f1a33eb07df2fd1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: text/css
content-length: 24732
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c01192-2215b-60af80c4e5936-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/modules-252105f5550ad515f778.js
192.124.249.175 200 OK 60 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/modules-252105f5550ad515f778.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Unicode text, UTF-8 text, with very long lines (65077)
Hash 6350ad8749e18977bca75f16cedc6d1a
9f9ee57dea773618a2ee0ac10795ad92adcb9082
799d1249949feafc94f377b1fef0bad94c9750f342ea8612136bb178de08f1b0
Analyzer: mnemonic secure dns; Verdict: malicious; Alert: Sinkholed
Analyzer: Quad9 DNS; Verdict: malicious; Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/modules-252105f5550ad515f778.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c01194-2b496-60af80c4e5d1e-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
embed.tawk.to/5ed26e73c75cbf1769f0d17c/default
104.22.25.131 200 OK 712 B URL GET HTTP/2 embed.tawk.to/5ed26e73c75cbf1769f0d17c/default
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash c14c0127a5494c55e0f765142497befa
ce2cb3d18f5e570cf75faadb060a57519dd36489
98807c15561634ecf9b8b73e202cfd049c5ca6fe7a1f170fa6fb9ded16809da2
GET /5ed26e73c75cbf1769f0d17c/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-6549ac0173e"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbddedbe56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-style-loader-63d623b0704de52fbebc.js
192.124.249.175 200 OK 1.5 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-style-loader-63d623b0704de52fbebc.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (2538)
Hash 92f57bfb5ddbe773e5a3e7cfb5084afb
a3d64e830ce2db6ecb19825c3527dbf641e98d64
645ff0730d3c1cdf8ed2b964513c0b19e4e33c3483347868621edbb800942eaf
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-style-loader-63d623b0704de52fbebc.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 1476
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c0123c-bb2-60af80c4ed637-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-css-loader-410dc5b7cab30bf07bb7.js
192.124.249.175 200 OK 871 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-css-loader-410dc5b7cab30bf07bb7.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (1224)
Hash 51d98f454ab2239bb471bdf42d78468d
4051cb3f0bf6ccd9ed8a120c9a2eb0f358e02a7d
15eed4fa85a67365c8af4e1dcff43e14230b01f50e06884a0bad30325bfe85c3
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-css-loader-410dc5b7cab30bf07bb7.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 871
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c011a9-690-60af80c4e70a7-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
216.58.207.227 200 OK 24 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP 216.58.207.227:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:56 GMT
expires: Fri, 22 Nov 2024 23:21:56 GMT
cache-control: public, max-age=31536000
age: 480589
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-loader-aeae794db9f8e41b7d7f.js
192.124.249.175 200 OK 387 B URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-loader-aeae794db9f8e41b7d7f.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash 29877b88537f612f9d007c483ef1590c
77361130d336c2174ef0a986a026601b86099b44
24ccf1ec2d693d5629892d75734ba4a885c1393a195eea1f657635dd1c805c4c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/vendor-vue-loader-aeae794db9f8e41b7d7f.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: application/javascript
content-length: 387
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c0123f-260-60af80c4eda1f-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
216.58.207.227 200 OK 23 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 216.58.207.227:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:24:32 GMT
expires: Fri, 22 Nov 2024 23:24:32 GMT
cache-control: public, max-age=31536000
age: 480433
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/uploads/2016/09/cropped-logo-192x192.gif
192.124.249.175 200 OK 9.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/uploads/2016/09/cropped-logo-192x192.gif
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type GIF image data, version 87a, 192 x 192\012- data
Hash c2b10fabac8834e6375b82b2019d527a
a6b3daf24064ef0323a25aeeebd058415dd96090
3643764f71927435747b50cf4a337c141e0f0e5b68a8fe593d27126eab1a0c2a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2016/09/cropped-logo-192x192.gif HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: image/gif
content-length: 9246
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 09 Sep 2016 20:07:26 GMT
etag: "18408d2-241e-53c18b1f41b80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
142.250.74.163 200 OK 63 B URL GET HTTP/2 www.google.no/pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
IP 142.250.74.163:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.google.no
Fingerprint 6E:E4:BC:4A:67:5E:46:6A:B3:E4:CA:61:A7:C0:97:AB:14:F0:34:32
Validity Mon, 23 Oct 2023 11:27:27 GMT - Mon, 15 Jan 2024 11:27:26 GMT
File type ASCII text, with no line terminators
Hash ad8b6f08655797587cdec719a94efe59
182adf5a140796f81e930649d05654dbf22fd5b7
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
GET /pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ambujagroup.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 12:51:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/ticker-quotes-widget-b4e13b8a0adb3f87c19f.js
192.124.249.175 200 OK 5.1 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/ticker-quotes-widget-b4e13b8a0adb3f87c19f.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (45078)
Hash 54609d46d13a59aa83fd170773840837
e9e8b780d8076f0cfd8d730e9e70ed9ae0c107f3
d64112172dc619741fd06d98c3fe905d04d44a49490550a0f8d862d309b4cff5
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/ticker-quotes-widget-b4e13b8a0adb3f87c19f.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
content-length: 5085
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c011a2-b1de-60af80c4e64ee-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/themes/flatsome/favicon.ico
192.124.249.175 404 Not Found 56 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/themes/flatsome/favicon.ico
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9462), with CRLF, LF line terminators
Hash a482553dc2da4ac144ba5b7f3d21aa17
efe0d5e3aded578200d88e45505e10a2289f6361
e3b903982f6c8c0706a1b691cd4c134ee3c066c5030100cd3cde18d9371e59cd
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/themes/flatsome/favicon.ico HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: text/html; charset=UTF-8
content-length: 55479
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://www.ambujagroup.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS
192.124.249.175 200 OK 443 B URL GET HTTP/2 www.ambujagroup.com/wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type JSON data\012- , ASCII text, with very long lines (737), with no line terminators
Hash c6ced296b3d34089c85c3d1f1c5fe16b
9bdec69aa6d7e9d877b617572bcd3d9220e450a9
6e27c7e9daf1f3592e35ce55fa0077052e40e00b60f28d90282e6c1df16e5134
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 443
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS
192.124.249.175 200 OK 441 B URL GET HTTP/2 www.ambujagroup.com/wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type JSON data\012- , ASCII text, with very long lines (736), with no line terminators
Hash f5901473a7d9de605b7f15af1a4311f1
c7a610d44dea5ff1fde61db79642cda7d0110a79
67cad4cc2c55fee68a443ad9faa9b28998902485e4be5e474c55042ac2d5368c
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-admin/admin-ajax.php?action=smwGetMarketData&nonce=&api=yf&type=ticker-quotes&assets[]=GAEL.NS HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/html; charset=UTF-8
content-length: 441
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
content-security-policy: upgrade-insecure-requests;
x-robots-tag: noindex
x-content-type-options: nosniff, nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN, SAMEORIGIN
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: BYPASS
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/uploads/2016/09/cropped-logo-192x192.gif
192.124.249.175 200 OK 9.2 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/uploads/2016/09/cropped-logo-192x192.gif
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type GIF image data, version 87a, 192 x 192\012- data
Hash c2b10fabac8834e6375b82b2019d527a
a6b3daf24064ef0323a25aeeebd058415dd96090
3643764f71927435747b50cf4a337c141e0f0e5b68a8fe593d27126eab1a0c2a
Analyzer Verdict Alert mnemonic secure dns malicious Sinkholed
Quad9 DNS malicious Sinkholed
GET /wp-content/uploads/2016/09/cropped-logo-192x192.gif HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0; TawkConnectionTime=1701262311342; twk_idm_key=FPVefs_YkrjBq5DY7HaX8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: image/gif
content-length: 9246
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Fri, 09 Sep 2016 20:07:26 GMT
etag: "18408d2-241e-53c18b1f41b80"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-runtime.js
104.22.25.131 200 OK 6.6 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-runtime.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (2306), with no line terminators
Hash 2369bd11bd41e47e53691438c8e45c5b
fc893f7b8e0a69e4a46d95cb79d88b9e549065e7
ccd99011422a5bbbb1f6965cd19ff9f76e435e5bea6dd84a85767392e03ea42d
GET /_s/v4/app/6549ac0173e/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"2369bd11bd41e47e53691438c8e45c5b"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe85ba356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
104.22.25.131 200 OK 47 kB URL GET HTTP/3 embed.tawk.to/_s/v4/assets/images/attention-grabbers/168-r-br.svg
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (22356), with no line terminators
Hash f66e029841759471d2ec78b86760dca7
d9db67738984efee3dd63cb144759ac0521c7dda
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
GET /_s/v4/assets/images/attention-grabbers/168-r-br.svg HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: image/svg+xml
last-modified: Sat, 22 May 2021 07:25:19 GMT
etag: W/"f66e029841759471d2ec78b86760dca7"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 189318
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbee9af256bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
embed.tawk.to/_s/v4/app/6549ac0173e/css/min-widget.css
104.22.25.131 200 OK 54 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/css/min-widget.css
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (24751), with no line terminators
Hash d4f9ad34fae3ba64cbc48057dc47e968
f8d0d55dc6e9b5d53f74b0b8bfc5e2edbdb0618d
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
GET /_s/v4/app/6549ac0173e/css/min-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=24831
access-control-allow-origin: *
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
last-modified: Tue, 07 Nov 2023 03:18:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 284278
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbee4a2356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-app.js
104.22.25.131 200 OK 154 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-app.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Size 154 kB (154212 bytes)
Hash e736e189edb5d0d9d5b8e7f23dd9114a
bcabee193f13756fa9154fc492fe420c47140343
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
GET /_s/v4/app/6549ac0173e/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe85939b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
va.tawk.to/v1/widget-settings?propertyId=5ed26e73c75cbf1769f0d17c&widgetId=default&sv=undefined
104.22.25.131 200 OK 27 kB URL GET HTTP/3 va.tawk.to/v1/widget-settings?propertyId=5ed26e73c75cbf1769f0d17c&widgetId=default&sv=undefined
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type JSON data; ASCII text, with very long lines (2601), with no line terminators
Hash c9e9ac01fdf60949693841e2f94a25d2
8049977d4273f3488be36ce8b277a6cd36e118ca
2343ae534a3ee0c97ddeb233cded5d9ce8d72544bcc305f16de614bacddaae0a
GET /v1/widget-settings?propertyId=5ed26e73c75cbf1769f0d17c&widgetId=default&sv=undefined HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ambujagroup.com/
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-2krp
access-control-allow-origin: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
cache-control: public, max-age=7200, s-maxage=1800
etag: W/"2-3-0"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 1
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe90a05b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 5.8 kB URL aus5.mozilla.org/update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type gzip compressed data, max speed, from Unix; data
Hash 10f286be35f9cb305ad394ea4104fc1c
4c57898405d1d64506bf4bd7eb7dea83be6efda7
6e7c13bda12bc46a3e004da9936727920f4ea7c97de3900ca7bd5f00b2cac449
GET /update/3/GMP/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:52:00 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2023-12-29-19-51-25.chain; p384ecdsa=JcSSmfsx3uferWxbWZ1cQJUPg5ICr3qCPXUuzHI40V8q1ELsbPCARDSxuoOPFBYcBEdz2konCcAnFmQaL9IB5rInlYZwoQd9r1chaguW0GoNaHT2msQnlClcc73r0msS
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-vendors.js
104.22.25.131 200 OK 88 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-vendors.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65464)
Hash 86b32a04921a039ace69980bacd1b639
ca9a6e342590d510a0cf480c4131eb420ba5b410
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
GET /_s/v4/app/6549ac0173e/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"86b32a04921a039ace69980bacd1b639"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe83b7d56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2d0b383d.js
104.22.25.131 200 OK 12 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2d0b383d.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (699), with no line terminators
Hash 838903127a65ec440893b4945c40ca4a
827f3e5341f56fa4473d53b788af41ec6bf21b8b
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
GET /_s/v4/app/6549ac0173e/js/twk-chunk-2d0b383d.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"838903127a65ec440893b4945c40ca4a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 636141
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed885e56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
2.18.121.79 512 kB URL ciscobinary.openh264.org/openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip
IP 2.18.121.79:0
File type Zip archive data, at least v2.0 to extract, compression method=deflate; data
Size 512 kB (511815 bytes)
Hash 152eda253e242e18443ef3282495bc7c
ff0fa85565f21ec4931baad4573b4c0bd08c4019
8e03090fee16f6e0ee2e436af8e51d0c3deed6d9f0db80dec048e668fc009a48
GET /openh264-linux64-2e1774ab6dc6c43debb0b5b628bdf122a391d521.zip HTTP/1.1
Host: ciscobinary.openh264.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Last-Modified: Thu, 16 Nov 2023 07:38:15 GMT
ETag: 152eda253e242e18443ef3282495bc7c
Content-Length: 511815
Accept-Ranges: bytes
X-Timestamp: 1700120294.87662
Content-Type: application/zip
X-Trans-Id: tx8c0ef9e37b1a4ab29193d-0065580fd1dfw1
Cache-Control: public, max-age=174839
Expires: Fri, 01 Dec 2023 13:25:59 GMT
Date: Wed, 29 Nov 2023 12:52:00 GMT
Connection: keep-alive
embed.tawk.to/_s/v4/app/6549ac0173e/languages/en.js
104.22.25.131 200 OK 17 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/languages/en.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with CRLF, LF line terminators
Hash 7f37a030886ec7fce1d065ec482789ee
661ad608ac1513e2ccdec4cd55eb552a8604c8f6
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
GET /_s/v4/app/6549ac0173e/languages/en.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"7f37a030886ec7fce1d065ec482789ee"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 30414
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe94a4056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
va.tawk.to/v1/session/start
104.22.25.131 200 OK 105 B URL POST HTTP/3 va.tawk.to/v1/session/start
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash ff6761d8b61cb57d34db6c87a5384051
ccc389a6e25613cb5c7072f16274ad5931e21554
38b5d0f108fad55331c447800173293500a87bce9df116bdc627081501480cba
POST /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ambujagroup.com/
Content-Type: application/json; charset=utf-8
Content-Length: 197
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/json
x-served-by: visitor-application-preemptive-m3s4
access-control-allow-origin: https://www.ambujagroup.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbea2b2eb523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
kit-free.fontawesome.com/releases/latest/css/free.min.css
172.67.218.119 200 OK 60 kB URL GET HTTP/2 kit-free.fontawesome.com/releases/latest/css/free.min.css
IP 172.67.218.119:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Let's Encrypt
Subject kit-free.fontawesome.com
Fingerprint A2:05:CF:50:C5:49:CE:9D:7D:25:2C:45:F7:A2:73:09:88:F5:32:9D
Validity Tue, 31 Oct 2023 07:07:17 GMT - Mon, 29 Jan 2024 07:07:16 GMT
File type ASCII text, with very long lines (60130)
Hash a12ec7ebe75a4d59a5dd6b79e2ba2e16
28f5dcc595ee6d4163481ef64170180502c8629b
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
GET /releases/latest/css/free.min.css HTTP/1.1
Host: kit-free.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:45 GMT
content-type: text/css
x-amz-id-2: ckwaI7MO+WYhG/5UbozNtWhl9bkijnicrQEMbtQajsXORWxabgmtVfQTEJKX+VWXF3vVozi2eA0=
x-amz-request-id: 2W308YM0X64HNXRA
last-modified: Wed, 04 Aug 2021 21:22:50 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=1800
cf-cache-status: HIT
age: 776
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eMYKvX6t5imi5Gxpg1R3B%2FeaeZKJwjx5IbKTXzVziAJtlzJMKaJt%2FDeSjRFAqrK26p8JvZ3t3UCD9GZzq4Ozxvj3oKIVYm%2BQfscX51xqjOUnDhldipCqD4qZMyL%2FD0sjd9MwaFfv%2Bi0Ztv8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82dafbe2f83c712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/css/bubble-widget.css
104.22.25.131 200 OK 14 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/css/bubble-widget.css
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (13521), with no line terminators
Hash 950518e32fd92957181f766f08d3cf98
9fe20c86b818d3576e9d70e6ed091964cb8b7427
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
GET /_s/v4/app/6549ac0173e/css/bubble-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=13594
access-control-allow-origin: *
etag: W/"ce7913b80c763449b3895d46419f7a6b"
last-modified: Tue, 07 Nov 2023 03:18:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: STALE
cf-cache-status: HIT
age: 209676
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbee6a7356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
216.58.207.227 200 OK 5.5 kB URL GET HTTP/2 fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2
IP 216.58.207.227:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 5472, version 1.0; data
Hash 4bde07f991ba6af69a1e009fd7ce9d1a
ed53e9f8967142ea4aa2fd113f696799319d91b2
1c2fc265baaeba4f3f5b8c7285b93343aead25590f08be73d3056718b376c5d7
GET /s/lato/v24/S6uyw4BMUTPHjxAwXjeu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 5472
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:24:24 GMT
expires: Fri, 22 Nov 2024 23:24:24 GMT
cache-control: public, max-age=31536000
age: 480443
last-modified: Tue, 02 May 2023 15:17:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/css/message-preview.css
104.22.25.131 200 OK 41 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/css/message-preview.css
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (40699), with no line terminators
Hash c7393b57847a249cf71e453cff9c5693
2b151e46ff61023cac973343c951b4210cd4d374
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
GET /_s/v4/app/6549ac0173e/css/message-preview.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=40832
access-control-allow-origin: *
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
last-modified: Tue, 07 Nov 2023 03:18:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 463157
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbee6a9c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.193.229 200 OK 303 kB URL GET HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.193.229:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Size 303 kB (302554 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Wed, 29 Nov 2023 12:51:47 GMT
age: 20685201
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1682-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-common.js
104.22.25.131 200 OK 220 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-common.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Size 220 kB (219989 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/6549ac0173e/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"72cdc9849868f49ab20a7a4a581454f9"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe85ba256b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/b6879d41b0852f01ed5b.woff2
192.124.249.175 200 OK 150 kB URL GET HTTP/2 www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/b6879d41b0852f01ed5b.woff2
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280; data
Size 150 kB (150020 bytes)
Hash d5e647388e2415268b700d3df2e30a0d
97f0942c6627ddd89fb62170e5cac9a2cbd6c98c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
Analyzer: mnemonic secure dns, Verdict: malicious, Alert: Sinkholed
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /wp-content/plugins/premium-stock-market-widgets/assets/dist/b6879d41b0852f01ed5b.woff2 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/wp-content/plugins/premium-stock-market-widgets/assets/dist/main.css?hash=c24e1f1a33eb07df2fd1
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0; TawkConnectionTime=1701262311342; twk_idm_key=FPVefs_YkrjBq5DY7HaX8
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: font/woff2
content-length: 150020
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 25 Nov 2023 11:05:34 GMT
etag: "1c0117a-24a04-60af80c4db90e"
vary: Accept-Encoding,User-Agent
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/css/max-widget.css
104.22.25.131 200 OK 78 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/css/max-widget.css
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash d778223a957b2d3cdc540ff6547c0bfd
6fea621f551d26661f3a87c5d56d66b15afd0aca
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
GET /_s/v4/app/6549ac0173e/css/max-widget.css HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: text/css
cache-control: public, max-age=2592000, immutable
cf-bgj: minify
cf-polished: origSize=78180
access-control-allow-origin: *
etag: W/"0ab357443b798b4a1db6c4f22b1590f4"
last-modified: Tue, 07 Nov 2023 03:18:37 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-cache-status: HIT
cf-cache-status: HIT
age: 370005
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbee7aa656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.ambujagroup.com/wp-includes/css/dashicons.min.css?ver=6.4.1
192.124.249.175 200 OK 59 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/css/dashicons.min.css?ver=6.4.1
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer: mnemonic secure dns, Verdict: malicious, Alert: Sinkholed
Analyzer: Quad9 DNS, Verdict: malicious, Alert: Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.4.1 HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:44 GMT
content-type: text/css
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Thu, 04 Mar 2021 09:46:22 GMT
etag: "1724af0-e688-5bcb2d7117780-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2c776523.js
104.22.25.131 200 OK 7.9 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2c776523.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (8581), with no line terminators
Hash 66deb9d660a0528e2b3909ad3d97a340
fb03d0b3b97a251e4a6812b15c4f1876319e8692
97c305538967ed36cf2a69655a89781ff79cf1200dece2b19b4ad400c242f0c4
GET /_s/v4/app/6549ac0173e/js/twk-chunk-2c776523.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"589bcaf3fa2f5394494ee99582c6bee6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 123454
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed784856bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.google.com/pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
142.250.74.100 302 Found 43 B URL GET HTTP/2 www.google.com/pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP 142.250.74.100:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject www.google.com
Fingerprint B0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
Validity Mon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Nov 2023 12:51:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/11058404206/?random=1701262308056&cv=11&fst=1701262308056&bg=ffffff&guid=ON&async=1&gtm=45be3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.ambujagroup.com%2Fgkonf%2Frentfree.zip&label=usUlCKna6YYYEO62h5kp&hn=www.google.com&frm=0&tiba=Page%20not%20found%20-%20Gujarat%20Ambuja%20Exports%20Limited&gtm_ee=1&auid=1244058969.1701262308&data=event%3Dconversion&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ambujagroup.com/favicon.ico
0.0.0.0 0 B URL GET www.ambujagroup.com/favicon.ico
IP 0.0.0.0:0
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2d0b9454.js
104.22.25.131 200 OK 535 B URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-2d0b9454.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (557), with no line terminators
Hash 3f4a6312d60391bda06462d7321ffcdc
9f09295297840a36d2ac95344b39b0af1a729f82
28d61df22c079e51c45b6f87db516f03cb85cf3f2c3a970be369944c3f91bcf1
GET /_s/v4/app/6549ac0173e/js/twk-chunk-2d0b9454.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"c506281367048d4a134c9affbc68c8c6"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 544689
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed987b56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
151.101.193.229 200 OK 303 kB URL GET HTTP/2 cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js
IP 151.101.193.229:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
Size 303 kB (302554 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /emojione/2.2.7/lib/js/emojione.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
content-encoding: br
accept-ranges: bytes
date: Wed, 29 Nov 2023 12:51:47 GMT
age: 20685201
x-served-by: cache-fra-eddf8230136-FRA, cache-bma1682-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-48f3b594.js
104.22.25.131 200 OK 19 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-48f3b594.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (18850), with no line terminators
Hash 47db95af2c62c97e1a27f8588673834d
649bc52740e10b8e4b4f6f81bf35411b3627935e
95e02c2271f74519b9f70eb8dfcad4735bcd7ac485b0bfcf953fdc246bde4c86
GET /_s/v4/app/6549ac0173e/js/twk-chunk-48f3b594.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"47db95af2c62c97e1a27f8588673834d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: STALE
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 289569
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed886356bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-4fe9d5dd.js
104.22.25.131 200 OK 906 B URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-4fe9d5dd.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (956), with no line terminators
Hash 7b31fafdf609238b7f4574e44057af5b
f4f849145e5beaff38b9e47e3c5c3e7e4945d70a
2b7dfb20a5ee49b709a4adc3412bd7d5e00539c1ef93a1a58c4ec58816c81ed3
GET /_s/v4/app/6549ac0173e/js/twk-chunk-4fe9d5dd.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 202581
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed986f56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.ambujagroup.com/wp-includes/js/zxcvbn.min.js
192.124.249.175 200 OK 822 kB URL GET HTTP/2 www.ambujagroup.com/wp-includes/js/zxcvbn.min.js
IP 192.124.249.175:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Starfield Technologies, Inc.
Subject ambujagroup.com
Fingerprint 64:DF:CB:72:4B:F2:0C:9D:C9:CE:49:B6:47:EC:52:C2:90:2F:F3:6A
Validity Sat, 26 Aug 2023 08:13:18 GMT - Mon, 26 Aug 2024 08:13:18 GMT
File type ASCII text, with very long lines (53869)
Size 822 kB (822237 bytes)
Hash 027c098ebca6235056092f7b954dfc5f
1ea18e5e6ece74f6f3a7c1a57d2ac2462c9c666b
daa6634ed8d6376bfd22d8f68942d00e1b56db0fa8c9f90ba2af52734dd5593b
Analyzer | Verdict | Alert
mnemonic secure dns | malicious | Sinkholed
Quad9 DNS | malicious | Sinkholed
GET /wp-includes/js/zxcvbn.min.js HTTP/1.1
Host: www.ambujagroup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/gkonf/rentfree.zip
Cookie: _gcl_au=1.1.1244058969.1701262308; _ga_KZD028QFL7=GS1.1.1701262308.1.0.1701262308.0.0.0; _ga=GA1.1.1210836475.1701262308; _ga_J15PSCX1XK=GS1.1.1701262309.1.0.1701262309.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
x-sucuri-id: 19025
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
last-modified: Sat, 26 Oct 2019 12:47:06 GMT
etag: "1724e51-c8bdd-595cfa9f92680-gzip"
vary: Accept-Encoding,User-Agent
content-encoding: gzip
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-sucuri-cache: MISS
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CLato:regular,regular
142.250.74.106 200 OK 1.4 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CLato:regular,regular
IP 142.250.74.106:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (1474), with no line terminators
Hash d4ef74945282029ea110fcd0e0791fff
283dfa5582454b7ea9fe06304042791160b8fc57
4ba080ed4b6167304a95e77d698ecf764190010454b8b16aa7d52205bdd06fff
GET /css?family=Lato:regular,700%7CLato:regular,400%7CLato:regular,700%7CLato:regular,regular HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 29 Nov 2023 12:51:45 GMT
date: Wed, 29 Nov 2023 12:51:45 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-vendor.js
104.22.25.131 200 OK 83 kB URL GET HTTP/2 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-vendor.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_s/v4/app/6549ac0173e/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe83b7956b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-9294da6c.js
104.22.25.131 200 OK 18 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-9294da6c.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (17930), with no line terminators
Hash 751a8c2fa870d0a6b7d3a4eb10f7319b
898d17e4c7d3f9fcadebbc8d2e47c071fe23697f
fe18d700aa574127472795bb7369624cb90ca55f62d66b548eb7df53d2a46a74
GET /_s/v4/app/6549ac0173e/js/twk-chunk-9294da6c.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"751a8c2fa870d0a6b7d3a4eb10f7319b"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 460526
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed785056bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
va.tawk.to/v1/session/start
104.22.25.131 200 OK 0 B URL OPTIONS HTTP/3 va.tawk.to/v1/session/start
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v1/session/start HTTP/1.1
Host: va.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.ambujagroup.com/
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
x-served-by: visitor-application-preemptive-d3ms
access-control-allow-origin: https://www.ambujagroup.com
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: content-type,x-tawk-token
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe92a13b523-OSL
alt-svc: h3=":443"; ma=86400
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
216.58.207.202 200 OK 13 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 216.58.207.202:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 04:57:11 GMT
expires: Fri, 22 Nov 2024 04:57:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 546874
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
104.18.11.207 200 OK 21 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.1.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (20604)
Hash bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
GET /font-awesome/4.1.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:43 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"bbfef9385083d307ad2692c0cf99f611"
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 10/31/2023 19:04:20
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 0d96e4a85e57a2c221bf4844ee855c72
cdn-cache: HIT
cf-cache-status: HIT
age: 643459
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82dafbd4ec220b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-main.js
104.22.25.131 200 OK 121 B URL GET HTTP/2 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-main.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 3b41342f7e3be590563e8e3b5ff770c7
c9ca54d23ea78b320f080b76e22bb6b4e704d55f
ef04d89daeed55613a63a4af62c147ce86e4a7f22c8ce700dd6bdb11ab187e43
GET /_s/v4/app/6549ac0173e/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ambujagroup.com
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 29 Nov 2023 12:51:46 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 2
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbe83b7656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-f1565420.js
104.22.25.131 200 OK 11 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-f1565420.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (10992), with no line terminators
Hash e66b5b5406f1411c203d6a14b3268446
16d128903623ff99706f40ec7a35d85d44caff21
1221dfd515b54f32dc7d169eb8c5bbc892d85c310ef286aa9b80eeeef2cf9643
GET /_s/v4/app/6549ac0173e/js/twk-chunk-f1565420.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"e66b5b5406f1411c203d6a14b3268446"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 628828
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed785756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-24d8db78.js
104.22.25.131 200 OK 110 kB URL GET HTTP/3 embed.tawk.to/_s/v4/app/6549ac0173e/js/twk-chunk-24d8db78.js
IP 104.22.25.131:443
Requested by https://www.ambujagroup.com/gkonf/rentfree.zip
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 61:E8:BF:90:FC:F6:AA:AD:96:84:8C:EE:A7:5A:5E:1A:AA:60:57:E3
Validity Fri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (65464)
Size 110 kB (110194 bytes)
Hash 519cd8dd510e341d4270a4d8445b203c
f6b73cb9a7c9d057e02fb346c1cb2d9aaf629e1c
793d0a6a56e7f7bec01bfab95ae6c1bba6a7a4d15f5c24e85143cf6730612b76
GET /_s/v4/app/6549ac0173e/js/twk-chunk-24d8db78.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.ambujagroup.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 29 Nov 2023 12:51:47 GMT
content-type: application/javascript
last-modified: Tue, 07 Nov 2023 03:18:38 GMT
etag: W/"519cd8dd510e341d4270a4d8445b203c"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: HIT
age: 450206
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82dafbed989a56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400