firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 09 Sep 2022 21:06:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 971QPOUtC3AgmxP6yHWubzWtTujlFUmNAgIMtuGdGgtcMmIC_D7GBQ==
Age: 3025
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f55e483f32b3fd50b1a2414aaada9b61
9d6b22edb98866e002e3b1ace44dfb0f8d00935f
4b09e1d2b887ded061e4ec5f82ec70ce699eeed428acc6b4fd3ef10ed9233c89
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4B09E1D2B887DED061E4EC5F82EC70CE699EEED428ACC6B4FD3EF10ED9233C89"
Last-Modified: Thu, 08 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7730
Expires: Sat, 10 Sep 2022 00:05:15 GMT
Date: Fri, 09 Sep 2022 21:56:25 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate, ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 09 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KBewIONdQ8mxKlFkDzUI8zypJtvS9rZ3f_zPrDRjvxRLUJAH00l8FQ==
age: 65391
X-Firefox-Spdy: h2
itrcchennai.com/velit-atque/documents.zip
204.11.59.34 301 Moved Permanently 0 B URL HTTP/1.1 itrcchennai.com/velit-atque/documents.zip
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /velit-atque/documents.zip HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Sep 2022 21:56:25 GMT
Server: Apache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
X-Redirect-By: WordPress
Set-Cookie: aiovg_rand_seed=427964840; expires=Sat, 10-Sep-2022 21:56:25 GMT; Max-Age=86400; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://itrcchennai.com/velit-atque/documents.zip
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Sep 2022 21:56:25 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 09 Sep 2022 21:56:07 GMT
Cache-Control: max-age=3600
Expires: Fri, 09 Sep 2022 22:52:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jH3xn_1g6wcb_14zdf9JWostPmAT6E3hpbpuft24jFLLgzOK3iSPvw==
Age: 19
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dc02db8e11680fca7d79551a338c6a04
3ca5a92d10a43fa02c107a51b8378f4de2faee1f
8454336098f405fd9d8961461be111beb7a3ff3a6ad222850d4d399469f11571
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8454336098F405FD9D8961461BE111BEB7A3FF3A6AD222850D4D399469F11571"
Last-Modified: Wed, 07 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 10 Sep 2022 03:56:26 GMT
Date: Fri, 09 Sep 2022 21:56:26 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d0c56e0b2955a5dd7f37ba4bbf5727b4
f435bd1f6fb8ec931f1817fe4b91e6b86a7cb14b
99f7da9dca677db8e9cec5491c0d6d8a86b9c5e907907c2fdd30973c747f4282
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6158
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:26 GMT
Last-Modified: Fri, 09 Sep 2022 20:13:48 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.101.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jp6ZWwTm+3qjc7RUUer5xQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: J3eDvoZd3NxM9BT53eVraZzDEm0=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itrcchennai.com/wp-content/plugins/be-gdpr/public/css/be-gdpr-public.css?ver=1.1.2
204.11.59.34 200 OK 2.4 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-gdpr/public/css/be-gdpr-public.css?ver=1.1.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ef2c799c1b0fac3e835338c2bb7b06d2
175cda7497a17bc22936ac5253feb835333ef279
6db59700c18c9aabe28cfd54d5f33cb2b5dc83241f34022e8d5a26f179996f1c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-gdpr/public/css/be-gdpr-public.css?ver=1.1.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:16:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2443
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-gdpr/public/css/magnific-popup.css?ver=1.1.2
204.11.59.34 200 OK 2.2 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-gdpr/public/css/magnific-popup.css?ver=1.1.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 757c165194bdd1de4ca4a38bfea220f7
c1d4a88790cd476995d9a5ff7db8de77cc39c5d0
772675dc2c0403949be38fc53d785d9124fad348324d0be6a75c174800afa8ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-gdpr/public/css/magnific-popup.css?ver=1.1.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:16:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2191
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/css/be-grid.min.css?ver=1.2.5
204.11.59.34 200 OK 9.5 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/css/be-grid.min.css?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (26366)
Hash a43dd83566fd295f13be50db8e4b5428
6f838d74a38cd1ac760d85e6fafcd1debfab53b4
36123203cafbdd3aa48c09d1c7b14c78f3d6bc691dad29fe8c03daf620666bf2
GET /wp-content/plugins/be-grid/css/be-grid.min.css?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9502
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.9
204.11.59.34 200 OK 10 kB URL HTTP/2 itrcchennai.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (27525)
Hash 0b646a55f0ebc37cd4ae2cce50bd1179
0b12c27e92d81610f17b5ee987d4b18750cfb64b
54ef42e9b72647708f504fd440238e52fa06ce13f525e475c887bd684129ec9a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 23 Feb 2021 03:20:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10377
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/stack-slider-3d-image-slider/assets/css/wp-sk-public.css?ver=1.4.1
204.11.59.34 200 OK 133 B URL HTTP/2 itrcchennai.com/wp-content/plugins/stack-slider-3d-image-slider/assets/css/wp-sk-public.css?ver=1.4.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a9ea4a85b33f580725cdca088091794e
a32673ac2bee42c12cc4843f90132f66e7f9dcb0
e692595b1798dc46f476a3fee93365d95a237fc87393915fefa7ef801b5a832a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/stack-slider-3d-image-slider/assets/css/wp-sk-public.css?ver=1.4.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jan 2021 15:39:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 133
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f1fa8224847ea7d9b4dc8e598fae4142
cb703a2944e58d97dd48a7e56ee9f4510ced78b4
920094aad2886535e2ba9e38d4731f63fbde93038d92b38f0030b0a0f47c2ac8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itrcchennai.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
204.11.59.34 200 OK 17 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash dd51edf690a16a5e067a25d8874e8489
10279f3155cb0eaffd55303ec459ef9a41ef0ddb
70eaa58b53a3269fab91ae897a3fc4f6d5ebc17171df2396159e1d3daeee1d40
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.15 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:17:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 16800
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/stack-slider-3d-image-slider/assets/css/swiper.min.css?ver=1.4.1
204.11.59.34 200 OK 3.8 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/stack-slider-3d-image-slider/assets/css/swiper.min.css?ver=1.4.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (17459)
Hash bafaff7dbfe740fec06108182ee6bfdb
82f8cad8aa4c17f1ac439972f2ee5b0b461e8238
826bf718e9a923097142f49a22c6b0196c37cd2733d299c8191f884ad9a3c975
GET /wp-content/plugins/stack-slider-3d-image-slider/assets/css/swiper.min.css?ver=1.4.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jan 2021 15:39:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3849
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/tatsu/includes/icons/tatsu_icons/tatsu-icons.css?ver=5.6.9
204.11.59.34 200 OK 5.5 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/tatsu/includes/icons/tatsu_icons/tatsu-icons.css?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 8359e06954a31b51b19de670ee795bf9
0fc926b05445fc24490737667643e9dfadda16fb
e39fb138fef27e85c1458cbc13bba19fe49dfef05140afc33869aeec044d76e4
GET /wp-content/plugins/tatsu/includes/icons/tatsu_icons/tatsu-icons.css?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:54:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5479
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent_child/style.css?ver=1.2.8.7
204.11.59.34 200 OK 109 B URL HTTP/2 itrcchennai.com/wp-content/themes/exponent_child/style.css?ver=1.2.8.7
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 60b5dcdcd0f2593fcd2cc048d52bbf12
e3e10a7d72caed29b03c31d28831fea431473141
fb8cb48311ca754e658aa2204a7253530cc34fa074800a9bc40db92380f51693
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/exponent_child/style.css?ver=1.2.8.7 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 17:47:30 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 109
content-type: text/css
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/fonts/icons.css?ver=1.2.8.7
204.11.59.34 200 OK 470 B URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/fonts/icons.css?ver=1.2.8.7
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 86eeaad8dff35716df485f9ea219c8c0
d7d7a8c41930811705965e68867b1f584d4fbc81
81b94d2c5331f56f16a34121c5d7eadfa9d79a78e2a29ca9dada7fc9aeedebfe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/exponent/fonts/icons.css?ver=1.2.8.7 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:15:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 470
content-type: text/css
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/all-in-one-video-gallery/public/assets/css/backward-compatibility.css?ver=2.4.4
204.11.59.34 200 OK 877 B URL HTTP/2 itrcchennai.com/wp-content/plugins/all-in-one-video-gallery/public/assets/css/backward-compatibility.css?ver=2.4.4
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash adfe8deb6e2d317f519d39665c67b7e7
570cdd9131121e36eca7c58c956ed9ecc61e3133
8788388223dfaf93a07da14e52153db8dd0d8e55a01806d55dd86138b72fb48d
GET /wp-content/plugins/all-in-one-video-gallery/public/assets/css/backward-compatibility.css?ver=2.4.4 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:57:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 877
content-type: text/css
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-gdpr/public/js/be-gdpr-public.js?ver=1.1.2
204.11.59.34 200 OK 2.1 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-gdpr/public/js/be-gdpr-public.js?ver=1.1.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 1a4abc912e7002ddd03153a1a92ce5be
a690115280db3be754827e7c085db38163d633e9
32a38a6546718692a4119f834c0e913ef7aaec7ce2f78b7e52513193b25b09a1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-gdpr/public/js/be-gdpr-public.js?ver=1.1.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:16:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2130
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.4.4
204.11.59.34 200 OK 4.0 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.4.4
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (754), with CRLF line terminators
Hash 4bebbf5851ed342875583ca73a45be7b
bfaa121ba7ad3c1befa4ccfb43437c831a2d2d39
29a5fa762a33a7228a1615964c95de1a0df6de0e83da7ef50f56a45969b82df5
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/all-in-one-video-gallery/public/assets/css/public.css?ver=2.4.4 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:57:32 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4046
content-type: text/css
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/css/vendor/vendor.min.css?ver=1.2.8.7
204.11.59.34 200 OK 7.0 kB URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/css/vendor/vendor.min.css?ver=1.2.8.7
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (21258)
Hash 1c9f10cab98c9d65a7d396362ab34e14
047c0538960c6ca43aff58419171f6ea33b85586
afd10881cb57321fbb04cceefb2e2c7d8a907060e2bf1a7486d72ee1700a880f
GET /wp-content/themes/exponent/css/vendor/vendor.min.css?ver=1.2.8.7 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:15:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6970
content-type: text/css
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
204.11.59.34 200 OK 4.6 kB URL HTTP/2 itrcchennai.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:46:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/vendor/debouncedresize.min.js?ver=1.2.5
204.11.59.34 200 OK 231 B URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/vendor/debouncedresize.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (356), with no line terminators
Hash e1bd9b803767b22d1b7a6813c4319cb0
c5b1da9b9de7321fe5e366f2b9463de0e6df1642
c5fa22628a8c71ca80840acd48fc65865c5d0a7e5fd3b6747a44c1651c1910f2
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-grid/js/vendor/debouncedresize.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 231
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/vendor/asyncloader.min.js?ver=1.2.5
204.11.59.34 200 OK 431 B URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/vendor/asyncloader.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (713), with no line terminators
Hash 8f45e8ad0e756a15d9598a2347c13d45
ce7469f6c6944dd10a4fbc2011ecffd803313510
6120305a709861453fe10f521cf7a93182620d5b60f63e367595a596f1093ffa
GET /wp-content/plugins/be-grid/js/vendor/asyncloader.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 431
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/portfolio.min.js?ver=1.2.5
204.11.59.34 200 OK 1.0 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/portfolio.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2035), with no line terminators
Hash 4595ad998d55b19e07ea66699064116b
224ee4484ff6d0ba499c138a3fb59cd99a6848c1
a2172d98c1e76acb5e1396589714a361972976586845dc20476bf52b99633b0a
GET /wp-content/plugins/be-grid/js/portfolio.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1002
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/js/vendor/modernizr.min.js?ver=5.6.9
204.11.59.34 200 OK 6.5 kB URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/js/vendor/modernizr.min.js?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (14505), with no line terminators
Hash 904ccf27416c17a3e4b095bcc9764d35
fbca1ec97b61a03c5b93b6fa356583f3079fdb83
0a51f27682a0419601c7875dfef733ded7a27fafc0e3f12e5f3141df04641d69
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/exponent/js/vendor/modernizr.min.js?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:15:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6487
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/helpers.min.js?ver=1.2.5
204.11.59.34 200 OK 823 B URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/helpers.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1694), with no line terminators
Hash 799d6c76f789ab5a2234a86e16297759
ea2061aa50ef59ad733ee5b4b670d7dc08d7d9c4
0e7f95f381c07c997efd59185851d5728639902d71d1376975e7ff0e6ae389ae
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-grid/js/helpers.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 823
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.9
204.11.59.34 200 OK 4.9 kB URL HTTP/2 itrcchennai.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11272)
Hash 365a77ff4ecd6f029c81de14e2522c73
2a817a1e1091bdf10e562b746e7e9619ed5ef5d5
a46d0e1f9b302519b11da0266586429a4d6eaf6fb2914c29f0e9208f7d2eb355
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 06:56:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4942
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/velit-atque/documents.zip
204.11.59.34 404 Not Found 37 kB URL HTTP/2 itrcchennai.com/velit-atque/documents.zip
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (9921), with CRLF, LF line terminators
Hash 1a1570bec604226b26ff26ab940683b3
e3a56ccedabeaf2e35901948dffb11d5e9d671e6
973bcfb6a5fe3e97dd130169ae51b63f90e9d8135b94feb4877da2cbe82934cb
Analyzer Verdict Alert fortinet Malware
GET /velit-atque/documents.zip HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://itrcchennai.com/wp-json/>; rel="https://api.w.org/"
set-cookie: aiovg_rand_seed=4058664822; expires=Sat, 10-Sep-2022 21:56:26 GMT; Max-Age=86400; path=/
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/uploads/2021/02/cropped-itrc-2.png
204.11.59.34 200 OK 18 kB URL HTTP/2 itrcchennai.com/wp-content/uploads/2021/02/cropped-itrc-2.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 140 x 100, 8-bit/color RGBA, non-interlaced; data
Hash 609ada57586f423a94580ae393cfd9b8
92549e7bf112aa09f7b04ede2508b8010ab266da
8b96db775716eff116748bcf31fc5ea7b6f4e9637cb09a8752bc8805548b49eb
GET /wp-content/uploads/2021/02/cropped-itrc-2.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 09 Feb 2021 19:00:14 GMT
accept-ranges: bytes
content-length: 18176
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/exponent-modules/public/js/exp-modules.min.js?ver=2.1
204.11.59.34 200 OK 2.6 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/exponent-modules/public/js/exp-modules.min.js?ver=2.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7146), with no line terminators
Hash dba3bdd2f8cdda95a0fc633a847c36e4
21fafe08c74f0aa9bf138152ec00c95d17a2dcad
58ca5e83413c7a2a0d476d4f835609ce7cf81c452e3a96914c04232cd2680a4e
GET /wp-content/plugins/exponent-modules/public/js/exp-modules.min.js?ver=2.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:16:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2583
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
204.11.59.34 200 OK 3.2 kB URL HTTP/2 itrcchennai.com/wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8481)
Hash bb60660eb418fb4922e6ceed6028e5ae
7256a6f744a9f170fd72e078f0584840a9593e66
f1d8fde90617438fea283c1514e9f8ec63b728b2093610e1e270a5a302fb8d6a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/accordion.min.js?ver=1.12.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 06:56:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3247
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
204.11.59.34 200 OK 4.7 kB URL HTTP/2 itrcchennai.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11738)
Hash e75316d4188ff262734321ba233f94d9
7dcac4408194b7e1faa68a94938111059820fc6b
06af2a413b8586dda3634d04e439fff7045855ca680fdf724e38e77fcba05257
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.12.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 14:44:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4746
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=5.6.9
204.11.59.34 200 OK 2.5 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5913), with no line terminators
Hash 5645fe299e7d6d668faa08470b66f90a
9954c67b0c14b489e1faec27b7da2595a41a960a
e3a8d0ce492ecafb2797709210dfa410bf44a2b69904219c69bcc4563f059b10
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/js/vendor/es6-promise.auto.min.js?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:54:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2543
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
204.11.59.34 200 OK 8.2 kB URL HTTP/2 itrcchennai.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7973)
Hash 6e3b0317803aa9f226979ad7a7e77593
c95b4f532fd03f3754bf63139a57aab65fbe8a25
84520e8f7a292cb992fa9c62932245f598c6fa043fd4e19eadb6ad9a767dca6f
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Apr 2021 14:44:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8223
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/wp-embed.min.js?ver=5.6.9
204.11.59.34 200 OK 777 B URL HTTP/2 itrcchennai.com/wp-includes/js/wp-embed.min.js?ver=5.6.9
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1391)
Hash 06ece4d01ee88297957c9f4cdcaa4df5
2b3321654a8ead1e1493eac9b5f1fdfb65e2037f
0b17eb6ab02e69f50ac52ca157375bd69853ae4f4796eb48a35eb4a12fc7af8b
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-embed.min.js?ver=5.6.9 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 04 Feb 2021 06:56:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 777
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/tatsu/public/js/tatsu-header.min.js?ver=3.2.6
204.11.59.34 200 OK 3.3 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/tatsu/public/js/tatsu-header.min.js?ver=3.2.6
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8884), with no line terminators
Hash e486467eb6e3698c85f86f34266cfd04
0313d15cb80147605646d541faf0bbbbe84fa67c
5866e1e49321ea4bdce662ec4d23f2218319ecfb58cc6313749b55761ac556f4
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/js/tatsu-header.min.js?ver=3.2.6 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:54:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3255
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/tatsu/public/js/tatsu.min.js?ver=3.2.6
204.11.59.34 200 OK 8.2 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/tatsu/public/js/tatsu.min.js?ver=3.2.6
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (26710), with no line terminators
Hash 676c1ccaa256735233a5ca977026b6df
48518f2c5de3c66cc0846037d89df88689d983ab
9f5d98181ba5e0dd30208f231795bd1bbc17be211eaf8a9fa2608df39deb2980
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/tatsu/public/js/tatsu.min.js?ver=3.2.6 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:54:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8195
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
204.11.59.34 409 Conflict 83 B URL HTTP/2 itrcchennai.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
204.11.59.34 409 Conflict 83 B URL HTTP/2 itrcchennai.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
142.250.74.163 200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 10260, version 1.0; data
Hash e462f7ffb08d8bf86fff4aade61b0d72
bbebc3b747cc5c12b513070faa1ceaf3331df1d4
1f8cb94dc31befeebeb9b93a9ab4194e8b839edd9985d973b23514f7a6c52a0c
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://itrcchennai.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10260
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:11:58 GMT
expires: Tue, 05 Sep 2023 21:11:58 GMT
cache-control: public, max-age=31536000
age: 348269
last-modified: Mon, 18 Jul 2022 19:12:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ebc205cf750164c31d1fce2318d1636b
9309949107d69193b1c5156d45fbcc91e20a0fe4
4ab7f53d17c5d642e17a3e78aa93dc133c4713e44ccccb849f04fdcca62be8b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Sep 2022 21:56:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
itrcchennai.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
204.11.59.34 409 Conflict 83 B URL HTTP/2 itrcchennai.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with no line terminators
Hash 26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 409 Conflict
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Anton&display=swap
142.250.74.10 200 OK 75 kB URL HTTP/2 fonts.googleapis.com/css2?family=Anton&display=swap
IP 142.250.74.10:0
Hash 777d62a453372e48a945b2f07eb97bca
1a46fa4e2dfae38ec5735fcbe06e3d70bc805353
8b4e6840f00b86871e4a212b30a15fbc67227e138f8ac195915a8ae28b7b66a3
GET /css2?family=Anton&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 21:56:26 GMT
date: Fri, 09 Sep 2022 21:56:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
itrcchennai.com//wp-content/uploads/2020/09/foot.jpg
204.11.59.34 200 OK 152 kB URL HTTP/2 itrcchennai.com//wp-content/uploads/2020/09/foot.jpg
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1880x1253, components 3; data
Size 152 kB (152530 bytes)
Hash a38f9ce12ee266d27a276265e787ebab
10220756b96ac05ecb39796237ca2cbf34410247
13cf8c66208e7fb89c8c2ffe3d21b5ad1807c05940d56519ab9a7e94992bc102
GET //wp-content/uploads/2020/09/foot.jpg HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Sep 2020 12:26:52 GMT
accept-ranges: bytes
content-length: 152530
content-type: image/jpeg
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3077
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 21:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3077
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 21:56:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3077
Expires: Fri, 09 Sep 2022 22:47:44 GMT
Date: Fri, 09 Sep 2022 21:56:27 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a5fdeb374d4e3669ce5d9ff2cd22cd19
70ede5692526afd351d134a391383461dafdc64f
10c5d8e41aae1a36525a45375966b5067333f0c7edc176a540fd6527ebe1ad8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc632269f-fb89-42dc-acc4-f733f3d7beb7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4532
x-amzn-requestid: e5694699-7f38-4542-8808-54bda7ee7d86
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YIMmGGUmIAMF2cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63198e26-1aa6788e24fcfdf0008bee21;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 06:39:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: smtzoqnzJiET63xsW_r_-eVNsTK01mGqRbvuwekbqjnzS6Sb1fw9HQ==
via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:54:58 GMT
etag: "70ede5692526afd351d134a391383461dafdc64f"
content-type: image/jpeg
age: 82889
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 706c7ceb40056f848425ca7d994cedc8
b9b1bf8291b6a66f260f82947966fa01ca78c61f
739205893d17a123d2fac165f468314de14a99dc56c9e5b0ac79434f7c38b558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ee79a10-bae9-4fae-b19f-8beb6d75a42c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7139
x-amzn-requestid: 5125cc11-410a-4a86-a0cf-68950433b602
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YFBoyHycIAMFxcw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6318496b-5579dee14390c1b63e97e0fc;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_B0YRYqe6d5Tkoj4JvvTTArO1I5XfWVMUqFAY3rtPl2T0UenSeaeQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 86023
etag: "b9b1bf8291b6a66f260f82947966fa01ca78c61f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7afe346e3b24ea4388913b449d1ffc42
f5348ba99fb8966dded580409108316f4e4e1237
1d1cafc3e99c20b23212679838567d4d5fc98c45cf902188e44b25ff2982c8ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9258cc3-ebbf-4d4c-85d1-6bc185623583.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 55971de2-bf63-4300-9007-1bc234962d0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRKXFGTIAMFp3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a6242-23914ec672a0a898498bbed6;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:44:34 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: lxqcvxSdM4FBQBZTNnhCrpl02fsnInyii7Yaw7fs4STzEd2fZIuuXA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 21:45:51 GMT
age: 636
etag: "f5348ba99fb8966dded580409108316f4e4e1237"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
34.120.237.76 200 OK 3.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0078c7a407144a1ede33aef6f734eecf
113393e0dbabb3aff949d19ab6517ba1082b622d
42afcaf15e45dfa9aff14f59f69d60a3de127005e35783d2d35a4cfa652b57b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F498f96cc-d02c-4ca3-a7e2-0be324253465.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3125
x-amzn-requestid: 5820e798-6469-40f9-8d70-ee71f1a163b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLM5GGQAoAMF8eQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac1d3-3a0e9db848ea7ab145f1cffa;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:32:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: eZaKpjBYe3Qn7vs3zF52Cxob-xu3LMFs8esQAu6Lp6bzM0aOEHoXVg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 04:32:54 GMT
etag: "113393e0dbabb3aff949d19ab6517ba1082b622d"
content-type: image/jpeg
age: 62613
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
34.120.237.76 200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9590b525c8b07a297c8784f02b161a1
cec8428d159a5bde29e89c64cfb04146f759d52b
d309772ce79d36f7b1df0a3ea85a01f8278db2909c860721d105b772efed82ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F793f20c6-757e-47e5-8ab6-4d73ceae75af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4002
x-amzn-requestid: ea2f5309-e220-4b7e-b718-9339b9444cc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKQ6hHM8IAMFeJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a61dc-7d45fd9253b7b7fa732b6f8d;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:42:52 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: VD7SlrM2RwFk5cfQvul2bTJA__GPYd5_UPY0D0_5NGLHoBj3yur7PA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:05:15 GMT
age: 85872
etag: "cec8428d159a5bde29e89c64cfb04146f759d52b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60fa03262bb3728f24a4c7a8177ec788
09dcbdc6043f01dd56920cca3ce3920d0d07b795
e7448f186933f9848f1d55f0e8dba593918846d02fb9cc3a7cd86d69b96a7fde
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9009587-828b-4a7a-8b84-f28d4b93cdef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7515
x-amzn-requestid: bb6a7928-9bdc-44e7-8478-b415bc504343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJu0bGYdoAMF5jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2b4f-208339fd72e62dff4a2ba339;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:50:07 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: UaU9GK4lcCuAN2WghBDa7f-21dRTA4Fh1tlAmGFMKh4wQOGZlKdmOw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Sep 2022 13:14:31 GMT
age: 31316
etag: "09dcbdc6043f01dd56920cca3ce3920d0d07b795"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/uploads/2021/02/cropped-cropped-itrc-2-32x32.png
204.11.59.34 200 OK 3.0 kB URL HTTP/2 itrcchennai.com/wp-content/uploads/2021/02/cropped-cropped-itrc-2-32x32.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e1ef33de91afe52e6eeac23b18313a4d
73288217b7e5a0a86dddb2c0986269510111b4f7
e2dc07b8885020dbd78cba270143ffc9f5c5bb8e988d0e779051698063976de6
GET /wp-content/uploads/2021/02/cropped-cropped-itrc-2-32x32.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Feb 2021 12:00:13 GMT
accept-ranges: bytes
content-length: 3049
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/uploads/2021/02/cropped-cropped-itrc-2-192x192.png
204.11.59.34 200 OK 51 kB URL HTTP/2 itrcchennai.com/wp-content/uploads/2021/02/cropped-cropped-itrc-2-192x192.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 52cc2e44a17e897c7db8d91bb276fbaa
899cd0fa26ce77536ab7b61fa40bcec498b82e0a
cb76a4d33ab343fa26463db1142e01abdec00519cd01e429027a8a7d93dd348f
GET /wp-content/uploads/2021/02/cropped-cropped-itrc-2-192x192.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 22 Feb 2021 12:00:13 GMT
accept-ranges: bytes
content-length: 50701
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/vendor/begrid.min.js?ver=1.2.5
204.11.59.34 200 OK 2.1 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/vendor/begrid.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5919), with no line terminators
Hash dc065af12890ed83a68f39b8d9d2b2b2
0e2fc33fa2d50680a4d9518df5eea3e86b2fdd08
7ba702b5db2a9717db52fd27e02a62aac46bcec9f943e4d6dcd043eebe3933df
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-grid/js/vendor/begrid.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2099
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/vendor/isotope.min.js?ver=1.2.5
204.11.59.34 200 OK 13 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/vendor/isotope.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (34450), with no line terminators
Hash f243b66f841020708a91098ceb305663
f0f269874c99c58c8b63f3771ac2f19bb1b64449
58be1693deec6d3e45b882c26c9058d627fcd2ea49db75209a4a65d08e0e408c
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-grid/js/vendor/isotope.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12662
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/be-grid/js/vendor/tilt.min.js?ver=1.2.5
204.11.59.34 200 OK 2.0 kB URL HTTP/2 itrcchennai.com/wp-content/plugins/be-grid/js/vendor/tilt.min.js?ver=1.2.5
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5580), with no line terminators
Hash e7e3c99c432069458d94bf98e254057b
d477b7745c20bb4d2dc34a162847783b55ec10d5
5df1693c895f32033fd9779dddba90ab399a919f782f5a0062f8b0e20f80b436
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/be-grid/js/vendor/tilt.min.js?ver=1.2.5 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:47:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1979
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/bg-body.png
204.11.59.34 200 OK 1.9 kB URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/bg-body.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 58 x 58, 8-bit grayscale, non-interlaced\012- data
Hash 5cdcce4d5fa060f356e753d39a6337e3
75971f234a9b4481f98d607a06d5d411e8516743
0d0f830a8532f6e391db8f208b1a280bb1bab4b166e2d2b564181ce38eff668b
GET /wp-content/themes/exponent/bg-body.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 11 Jan 2021 20:17:52 GMT
accept-ranges: bytes
content-length: 1904
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/bgg.png
204.11.59.34 200 OK 23 kB URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/bgg.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced\012- data
Hash c1b2f37c9f9f99126ef7e622782541c2
879f63f3cea3874025803359d2f8787038ee17bf
4b4d0d0985ed9fc9926ceda60896fc2aa2f1c231218e01142a0851716fe8ca6e
GET /wp-content/themes/exponent/bgg.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 13 Jan 2021 11:59:32 GMT
accept-ranges: bytes
content-length: 23040
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com//wp-content/uploads/2020/09/itrc-1.png
204.11.59.34 200 OK 26 kB URL HTTP/2 itrcchennai.com//wp-content/uploads/2020/09/itrc-1.png
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 107, 8-bit/color RGBA, non-interlaced\012- data
Hash a0015fcf6721a15186d2c84bf661267b
b18968413d0c8f80ab41be51864408f35e82df83
e84a12b9fa99c1e35c2d4a0b5537edf17850cb505d48370d3fa309f432958f5d
GET //wp-content/uploads/2020/09/itrc-1.png HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 04 Sep 2020 13:30:02 GMT
accept-ranges: bytes
content-length: 26197
content-type: image/png
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
204.11.59.34 200 OK 40 kB URL HTTP/2 itrcchennai.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (65451)
Hash 6e276c6449165d277dbddaaafa88b830
7df48c2fa39f5cf10ed140afe9ade0e9d5d480e7
c725f081a10a7380b4d32bcf6d3e7d6d4acbd7e0932aea851f47a35bc81ef9c6
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.5.1 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Jan 2021 17:46:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/themes/exponent/js/vendor/superfish.min.js?ver=1.2.8.7
204.11.59.34 200 OK 1.7 kB URL HTTP/2 itrcchennai.com/wp-content/themes/exponent/js/vendor/superfish.min.js?ver=1.2.8.7
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3800), with no line terminators
Hash 3452ee0dd2a36916c52f50ff36a8c69c
d45df618f3cc95a97492b81c8db1ceb2606912d1
a552a470da511b20d3aaaa4568f6776c87ec256d97bbd8da2183a27a7ab77b52
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/exponent/js/vendor/superfish.min.js?ver=1.2.8.7 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:15:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1677
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 356d258ee8fe7dd3a49d6e910ad4e6d1
69582548ae31d56ebd4a140e000ae6ab1a6a399b
32394386d1762e03f6ee1cbc5c6ed40a0a745745da646d8879fc8b59a089b887
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc935f3d1-f1ad-4753-8e03-988c366f974f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7787
x-amzn-requestid: 3dba260f-c87d-40ac-b840-ec3ce2f315d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YKRjNF5RIAMFncA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a62e1-5e73894d42ccca495868d250;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 21:47:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: ijCbDoTKkmXPqC1EGt5-ONwGWHMB83kluoTiIoGIDhFr6byq1k_QEA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 22:02:44 GMT
age: 86030
etag: "69582548ae31d56ebd4a140e000ae6ab1a6a399b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Oswald:wght@500&display=swap
IP 142.250.74.10:0
GET /css2?family=Oswald:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Sep 2022 21:56:26 GMT
date: Fri, 09 Sep 2022 21:56:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/tatsu/public/css/tatsu.min.css?ver=3.2.6
204.11.59.34 200 OK 0 B URL HTTP/2 itrcchennai.com/wp-content/plugins/tatsu/public/css/tatsu.min.css?ver=3.2.6
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
GET /wp-content/plugins/tatsu/public/css/tatsu.min.css?ver=3.2.6 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Feb 2021 10:54:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 09 Sep 2022 21:56:26 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15
204.11.59.34 200 OK 0 B URL HTTP/2 itrcchennai.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.15 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:17:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2
itrcchennai.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
204.11.59.34 200 OK 0 B URL HTTP/2 itrcchennai.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15
IP 204.11.59.34:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.15 HTTP/1.1
Host: itrcchennai.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://itrcchennai.com/velit-atque/documents.zip
Cookie: aiovg_rand_seed=4058664822
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 02 Sep 2020 12:17:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 09 Sep 2022 21:56:27 GMT
server: Apache
X-Firefox-Spdy: h2