firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 14:02:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: J4DZT2MWGbumXvQ9xUFcg0CXISx7Tu_Qn8Qv_E1Ll5SIIUjRtnc4OA==
Age: 1971
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QAGLOc0MQGk2J8hlcrwsMRu6gDYYmZ4UHr96Plv6QB8SXBp0LDaQ4Q==
age: 35999
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2674
Expires: Fri, 16 Sep 2022 15:19:48 GMT
Date: Fri, 16 Sep 2022 14:35:14 GMT
Connection: keep-alive
merttixplc.online/
192.64.117.200 301 Moved Permanently 707 B IP 192.64.117.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 16 Sep 2022 14:35:14 GMT
server: LiteSpeed
location: https://merttixplc.online/
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 16 Sep 2022 14:35:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 16 Sep 2022 14:03:22 GMT
Expires: Fri, 16 Sep 2022 14:50:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gQy0Af93ntLAXDwmN5gzF7E-X5xbndeWmwZnxzndEfY767lz5cZISg==
Age: 1913
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 3db421016cf0e3ad25f324cf0faf0fac
b15909de1105d4d2fb5be5b3920c454daf022445
914b15f28636e0a5e851540ffb0625ecd09d0546b2f1f7af90b267ceebcf1d5d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5104
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:15 GMT
Last-Modified: Fri, 16 Sep 2022 13:10:11 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.217.237.91 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.217.237.91:0
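Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256)
Note: the captured body is 0 B, so these three values are the digests of empty input; they do not identify any content and should not be used as indicators.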
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DbQH7nzrDKWBh20AK5dhog==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r4rUVCwTIVQmg304/8ee9A/Von8=
merttixplc.online/
192.64.117.200 200 OK 6.4 kB IP 192.64.117.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1689), with CRLF line terminators
Hash 9c43effd0f2665554d84ed3c4f582726
8ebf18bf8c77c92769aebf67122ac74e7160908a
199513d80408a50aa63f7dd38633796dc51e0e6a613c17203e42f90045a1207d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
set-cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 6393
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
gtranslate.net/flags/blank.png
104.21.50.93 200 OK 95 B URL HTTP/2 gtranslate.net/flags/blank.png
IP 104.21.50.93:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /flags/blank.png HTTP/1.1
Host: gtranslate.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 14:35:16 GMT
content-type: image/png
content-length: 95
last-modified: Wed, 23 May 2018 22:32:56 GMT
etag: "3950a-5f-56ce71dc13b46"
cache-control: max-age=864000
expires: Mon, 19 Sep 2022 03:02:29 GMT
cf-cache-status: HIT
age: 646367
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3GEgSt83iueL%2B%2BbXzNdqFr4yF3lqEE4G0THZPapuCs%2BSYOUPyBbDgC6nRMOgcNMfDACVw138dLLKE2e%2BLtEalMjVcarASoXBMXRSdvj%2FxjF1u3oB0zWzuJGRJErdPuKuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ba53e3d9de1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7975b33417f675d21a178b997288d616
1d2e957c46d45d6cb2f44389f3dcc66c880b6065
daffff63daade8bb0c2fd63570229df8502c563dd079b4da4103f6ee89fa67e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 734d709ca96b537a66a72b012bad01b3
1422dc6e556936950feec9000a321a050b638ff8
f22c958051fad1d1d361d069afd22467fbc3caaebffac1ffb0fe3eead923c0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4cc0aaf293fed6c16e1dde02c50c8f40
e94f11cd8fa955f28856a02aa7115aa5f3626d98
b1592dc8fc0d63052f66b7be9b5ff1f562f6fbd05f6365ce828758bfbb3f1a12
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 734d709ca96b537a66a72b012bad01b3
1422dc6e556936950feec9000a321a050b638ff8
f22c958051fad1d1d361d069afd22467fbc3caaebffac1ffb0fe3eead923c0c3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
merttixplc.online/wp-includes/style.min.css?ver=5.3.2
192.64.117.200 200 OK 5.8 kB URL HTTP/2 merttixplc.online/wp-includes/style.min.css?ver=5.3.2
IP 192.64.117.200:0
File type ASCII text, with very long lines (41467), with no line terminators
Hash 1f4a111d4d9dae1e005f85b22fa4133c
27bb67c1264d6f112b08394020afd51a8b1fb5f4
2bfa4c28a1feb6070a96be9a4abcc925fb9a82083189677697a2ad85f6e277f2
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/style.min.css?ver=5.3.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:27:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5753
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/formcraft-common.css?ver=3.6
192.64.117.200 200 OK 5.5 kB URL HTTP/2 merttixplc.online/wp-includes/formcraft-common.css?ver=3.6
IP 192.64.117.200:0
File type ASCII text, with very long lines (28425), with no line terminators
Hash 24ca29b8e3d4380bb4ffca2ea2eb94f8
128f6fa13d421af9faf25f15dab9aac72e67723f
1e1bb3296cb385490bf236185883ea36c50559dee7b108620fb8bcc6bc742374
GET /wp-includes/formcraft-common.css?ver=3.6 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:29:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5463
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/form.css?ver=3.6
192.64.117.200 200 OK 8.2 kB URL HTTP/2 merttixplc.online/wp-includes/form.css?ver=3.6
IP 192.64.117.200:0
File type ASCII text, with very long lines (63828), with no line terminators
Hash adff044c35aaf3092563f56c51a6dbe3
3e77c971bac21c635fb4dbccbe73baf290dc9173
84e52776b854741dc896fa5588c1b2dc344e87245442478ddaad5ec739f26305
GET /wp-includes/form.css?ver=3.6 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:30:02 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8248
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20792
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 14:35:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4abe181b1d086cd7e122d7de32f63fb6
e3482d4df0d59c247109ff7fb97f20ec6f142c4d
63c277b85854c244e38f5b3e60a073eb15962a0784ba1b726353e3ec0c3e9e02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20792
Expires: Fri, 16 Sep 2022 20:21:48 GMT
Date: Fri, 16 Sep 2022 14:35:16 GMT
Connection: keep-alive
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
142.250.74.46 200 OK 40 kB URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2
IP 142.250.74.46:0
Hash 52b6ced38d381ce820e65c725b80d8f6
292d1c4e85695580e8f32642a5d39109573746b7
fd81d65d44f886164f62a2294cfc9a0619ac22bba9d8fd64e797cd4d231df9f5
GET /translate_a/element.js?cb=googleTranslateElementInit2 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 14:35:16 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+816; expires=Sun, 15-Sep-2024 14:35:16 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da1bd18c37b83b0ef4641036dc208eec
abb5c719ec9341c6d4146297a2a1eca171df9c81
0085a66912a814c619a1257545d36610c7109ba32f1b097176102d3d3db2c8d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed934f67-48ba-4d22-a8f8-4f5f7a10a9f9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12425
x-amzn-requestid: 96b5f0d2-1327-4180-9d48-f915630c3de2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDqHyooAMFqyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-7d89d2d7024f6a821a62c948;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dxJEH4Jh8lAZ0T28BZnFLhWczwZ7oOaspCmR-SWudP32cF3BQc6wmw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:56:40 GMT
age: 59916
etag: "abb5c719ec9341c6d4146297a2a1eca171df9c81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7d4ee58e0f26ec6817dbab72aa7db6d
b6e634ef27eba9da38c6472565e0fdca6898e4f0
07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hhh1q_MrZVAaRWwmc1IuJbL3KhhwwHQgceaL15okbg4NvKJlWfUjyA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 59562
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6d17788c7d2a1a91e68eff48df14bd1
8e1090346d90bc69e7a95384e6a7a01154e31567
1e1eefa02e4c55e73be87a309ad5c2335856125cb678cff6ebc42c5ff73a0e2b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fee084149-a07d-4141-a484-d9f352209914.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9904
x-amzn-requestid: a23cb4b3-db6e-48ae-90b1-3ecf6478bf52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDpH_CIAMFl4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb0-15869210609a18587467d1e2;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:00 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JyXQcHKFIksMgLMROqOfV1ZqdFKSp3QSIlGmXuDR6h88o9J6s-mgkw==
via: 1.1 1002c05e647d0804e83147cdd205d14a.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:14:32 GMT
age: 58844
etag: "8e1090346d90bc69e7a95384e6a7a01154e31567"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f876cdc19dca10c62d83d19303512c7f
9f812c7bc1b42b0cea3e42694e7d1f6738789770
c647aac44ba9eb501eb7def781ca0168b4eb71a716283cc6f4e6782939a396cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45619ede-b86e-4373-9398-fec60bb9e862.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12123
x-amzn-requestid: b04ac3c4-b4d8-4094-8b7d-bd229bb7d577
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yb2GvFnEoAMF-Gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63216a2a-4e5927ac3f1d0b215ce5a8dc;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 05:44:10 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1W0Ito5yNmHNxtYBj5jOJQ3Z2OP_Shvhpj94YUDwLHQKzt-zgqjI8A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 16 Sep 2022 03:12:38 GMT
age: 40958
etag: "9f812c7bc1b42b0cea3e42694e7d1f6738789770"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: J5lOTqdLhgg3Hzfw3b86ScfLkODllGEA_y9xUSxBxBCS4sI5nAWKZQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 23:35:10 GMT
age: 54006
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/settings.css?ver=5.3.0.2
192.64.117.200 200 OK 9.8 kB URL HTTP/2 merttixplc.online/wp-includes/settings.css?ver=5.3.0.2
IP 192.64.117.200:0
File type Unicode text, UTF-8 text, with very long lines (7136), with CRLF line terminators
Hash a37ef4786e55c63061b06844754517b4
dfefa989999d624906e5012ddad74c5916696f60
b2d6fb971dfc40752241b90beeae12d43b2be954bf2f197dfbba015169ebaeda
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/settings.css?ver=5.3.0.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:30:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 9772
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 0968067392318b94b1074e88b9c353bf
fb649ecccf4212875dfed480036d74781b7e34b5
371a3fb4fd671ba2782f413438f0f28bd6cba81fff7c7ab1fbb84a400fcea385
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 16 Sep 2022 14:35:17 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 14 Sep 2022 13:46:35 GMT
Expires: Wed, 21 Sep 2022 13:46:34 GMT
Etag: "fb649ecccf4212875dfed480036d74781b7e34b5"
Cache-Control: max-age=428476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ba53dbbf761bfa-OSL
merttixplc.online/wp-content/dashicons.min.css?ver=5.3.2
192.64.117.200 200 OK 28 kB URL HTTP/2 merttixplc.online/wp-content/dashicons.min.css?ver=5.3.2
IP 192.64.117.200:0
File type ASCII text, with very long lines (47523), with CRLF line terminators
Hash 868bb938414cfade653008cdf79cf0d0
961b7f405bc5cb87251cc57d2916d6f687875dfa
43b3fa9fc8ec10ed31168ba99f0ef4ee1acfcb1aebbd70848ed5bc7ef4ea76b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/dashicons.min.css?ver=5.3.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:38:12 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 28347
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/js/jquery-migrate.min.js?ver=1.4.1
192.64.117.200 200 OK 4.3 kB URL HTTP/2 merttixplc.online/wp-includes/js/jquery-migrate.min.js?ver=1.4.1
IP 192.64.117.200:0
File type ASCII text, with very long lines (9959), with CRLF line terminators
Hash c70788a6da62c4cbafb93b7abb2d5b03
26ed63703126ec3a8caf593d3a169c94a549e307
414db3d84a5e213345469ce197e6ecbc4f8cf4dc761c32dc62c25bd53a32a6de
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:54:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4254
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/js/jquery.js?ver=1.12.4-wp
192.64.117.200 200 OK 38 kB URL HTTP/2 merttixplc.online/wp-includes/js/jquery.js?ver=1.12.4-wp
IP 192.64.117.200:0
File type ASCII text, with very long lines (31997), with CRLF line terminators
Hash f9c995bc5fdb2c85beeff3b1be0dd8cb
3e0b70512eede987d9a7be59ec49dcc51fec7f45
42e670fa4910f51d9e4ae54509fb8ccf388da78f29e9a344228d3d66f917228b
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:53:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 38059
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/js/jquery.themepunch.tools.min.js?ver=5.3.0.2
192.64.117.200 200 OK 36 kB URL HTTP/2 merttixplc.online/wp-content/js/jquery.themepunch.tools.min.js?ver=5.3.0.2
IP 192.64.117.200:0
File type ASCII text, with very long lines (27184), with CRLF line terminators
Hash 3ff8ec23b19c24fa58564137f063a8bf
d8f83631508a6fc0356fab2d94fb66dc857d7c6b
2759676934610ae271044f1105748b769db0e5327af9219f7a95a01a99c58d6a
GET /wp-content/js/jquery.themepunch.tools.min.js?ver=5.3.0.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:55:20 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 36104
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/et-core-unified-15841821888886.min.css
192.64.117.200 200 OK 2.1 kB URL HTTP/2 merttixplc.online/wp-content/et-core-unified-15841821888886.min.css
IP 192.64.117.200:0
File type ASCII text, with very long lines (19048), with no line terminators
Hash 7d601a3de841bfc63e9822ef939a0be9
b4560249f65a243e7ec7fcfe98d6b0753c9e6675
f72e555e7972d36962caf70edc47efe44f61f191c0d6441030e040028d589115
GET /wp-content/et-core-unified-15841821888886.min.css HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:51:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2087
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2
192.64.117.200 200 OK 16 kB URL HTTP/2 merttixplc.online/wp-content/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2
IP 192.64.117.200:0
File type ASCII text, with very long lines (32001), with CRLF line terminators
Hash a468adadd263c22c296f8cfc2a88865d
29665b7c251e2b1f9fd7814d6f132feb68962b61
8869987ecf7fefa3fdd65501808beecf396d3fcb6ea050e663cb0fd52dd51c36
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/js/jquery.themepunch.revolution.min.js?ver=5.3.0.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:56:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15981
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/font-awesome/css/font-awesome.min.css
192.64.117.200 200 OK 6.7 kB URL HTTP/2 merttixplc.online/font-awesome/css/font-awesome.min.css
IP 192.64.117.200:0
File type ASCII text, with very long lines (30837)
Hash 97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38
GET /font-awesome/css/font-awesome.min.css HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Sun, 04 Feb 2018 08:54:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/images/bars.png
192.64.117.200 200 OK 400 B URL HTTP/2 merttixplc.online/images/bars.png
IP 192.64.117.200:0
File type PNG image data, 60 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 16afcff65c72976f02353b673d1334f2
35f8114f833862161e7ed9ca3e2852aa08a71d0d
dae840b65722466ce49cafc03c726b9711c24bd1a3aef42eb5774de9d20e8926
GET /images/bars.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Sun, 22 Mar 2020 05:32:22 GMT
accept-ranges: bytes
content-length: 400
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/loans.png
192.64.117.200 200 OK 4.8 kB URL HTTP/2 merttixplc.online/img/loans.png
IP 192.64.117.200:0
File type PNG image data, 87 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash bfeb73c17f4031bef455cf6ba6ac42ea
61a34a4bfb03a0ee5819826f9ab60805b3e13309
b41709c7705dfb32e726babf0fde571eec3edeb04df5b5f57283b80ff09ea8a4
GET /img/loans.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 20:59:46 GMT
accept-ranges: bytes
content-length: 4839
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/credit-card.png
192.64.117.200 200 OK 3.6 kB URL HTTP/2 merttixplc.online/img/credit-card.png
IP 192.64.117.200:0
File type PNG image data, 87 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash f148850576c785d80a8dae9cb04d89d6
9cc2055eab90776b8f8252cbcecac79a7e7cf551
1f1de6c77251099cecd8b0874f62747dadebe0a2f9a116a47e089dfd1b3b5566
GET /img/credit-card.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 21:08:20 GMT
accept-ranges: bytes
content-length: 3609
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/retire.png
192.64.117.200 200 OK 2.5 kB URL HTTP/2 merttixplc.online/img/retire.png
IP 192.64.117.200:0
File type PNG image data, 87 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c5583c4ff3ce9f134a1f635312867c1
8b37fe7465c0b582a19b34719c332d07dfb87b8e
05f27fec85f295f097aa4116fbe8300b8548f64dad430867905049fdbb1b3d7f
GET /img/retire.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 21:10:10 GMT
accept-ranges: bytes
content-length: 2468
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/save.png
192.64.117.200 200 OK 2.3 kB URL HTTP/2 merttixplc.online/img/save.png
IP 192.64.117.200:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 43a6ced30a2fdfc51888b58227e1247f
fc247a74d5ce0b56d373d3015ebba62068f72fee
ff2cfcc5a1b8457eff7dc76ff57292f98cd612e3073d85c004f403d638ae3f61
GET /img/save.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 21:12:00 GMT
accept-ranges: bytes
content-length: 2314
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/js/common.js?ver=3.24.1
192.64.117.200 200 OK 498 B URL HTTP/2 merttixplc.online/wp-content/js/common.js?ver=3.24.1
IP 192.64.117.200:0
File type ASCII text, with CRLF line terminators
Hash fc40674eb68974536eccc297fe5fc0a1
bf69da9ffaf6a86dfc91b9253962f2298de435b8
f545ed50224edd24676ca20f4bad0adee9a0d5123c20c5712994b6afd51314da
GET /wp-content/js/common.js?ver=3.24.1 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:58:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 498
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-includes/js/wp-embed.min.js?ver=5.3.2
192.64.117.200 200 OK 645 B URL HTTP/2 merttixplc.online/wp-includes/js/wp-embed.min.js?ver=5.3.2
IP 192.64.117.200:0
File type ASCII text, with very long lines (1399), with no line terminators
Hash 138e2e4d37465fe970c7d66ace58b7d6
76145cc37ecc87e74e947eac048ab86c02722897
d018233fad8d046fcb55a7c19c4681d4491e9b0f1f32191224c0f2f572da7025
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=5.3.2 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:59:30 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 645
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/banklog.png
192.64.117.200 200 OK 27 kB URL HTTP/2 merttixplc.online/img/banklog.png
IP 192.64.117.200:0
File type PNG image data, 369 x 521, 8-bit/color RGBA, non-interlaced\012- data
Hash 577b6cc703082821b32a42ebf439b0f2
e003df4ad876438224309c606390fe4986476422
042e8237feabc5447d1f8d1681dfede83763d2c2e79100115680d4a3885b30b3
GET /img/banklog.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/png
last-modified: Tue, 24 Mar 2020 20:55:50 GMT
accept-ranges: bytes
content-length: 26835
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/banner-bamking-new.jpg
192.64.117.200 200 OK 37 kB URL HTTP/2 merttixplc.online/img/banner-bamking-new.jpg
IP 192.64.117.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1267x295, components 3\012- data
Hash 51096411b489bf62e7e9306642d5f0ce
e113e574e163609a6dbb538506502c83b960970c
e4f7f3bd6da8a5919261c6b110974f001284f53371df6870d80641ac0ca7f404
GET /img/banner-bamking-new.jpg HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/jpeg
last-modified: Tue, 24 Mar 2020 20:57:52 GMT
accept-ranges: bytes
content-length: 37326
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/securebank2.jpg
192.64.117.200 200 OK 34 kB URL HTTP/2 merttixplc.online/img/securebank2.jpg
IP 192.64.117.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 690x448, components 3\012- data
Hash c166ff684b0611617fd97f10e851da5a
f60bb538d550be521f1cb141c8f707536e80db5b
38e07508adcee6899f0f64667859b4886159aa103d2383313a801e3805d5c383
GET /img/securebank2.jpg HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/jpeg
last-modified: Tue, 24 Mar 2020 20:54:34 GMT
accept-ranges: bytes
content-length: 33512
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/nn/style.css?ver=3.24.1
192.64.117.200 200 OK 67 kB URL HTTP/2 merttixplc.online/wp-content/nn/style.css?ver=3.24.1
IP 192.64.117.200:0
File type ASCII text, with very long lines (64918), with CRLF line terminators
Hash 5288f48a6a54ffe3da43b60464db8258
501d9db1f3ce3040310656917c38347202038b0d
6cf6cda62ec963b9856a57aea9314cb5ccdb39cacbe308cef8c61c33b7e5e492
GET /wp-content/nn/style.css?ver=3.24.1 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 21:44:14 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 67224
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/js/custom.min.js?ver=3.24.1
192.64.117.200 200 OK 61 kB URL HTTP/2 merttixplc.online/wp-content/js/custom.min.js?ver=3.24.1
IP 192.64.117.200:0
File type Unicode text, UTF-8 text, with very long lines (20990), with CRLF line terminators
Hash cbc9ecf46a9bb374e257ae9a0dd7839a
d35003fa85cb0d430cb6e4230c826f5265723547
972c135526b70400c38bd6fbbd3fb36998cfe7b22bb9e229aed012603841bbaf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/js/custom.min.js?ver=3.24.1 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 21:58:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 60815
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/img/rtb.jpeg
192.64.117.200 200 OK 123 kB URL HTTP/2 merttixplc.online/img/rtb.jpeg
IP 192.64.117.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=2, orientation=upper-left], baseline, precision 8, 2476x606, components 3\012- data
Size 123 kB (122879 bytes)
Hash 398f0735c13269a8e16e7e22c75991c8
de9ee981adea41ce78f6491d0844f86d2fae1722
c2d1f11b6e04f5ce78cf282cd41f384a5db71347810a54e42884c3ab33cf04ad
Analyzer Verdict Alert fortinet Phishing
GET /img/rtb.jpeg HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:16 GMT
content-type: image/jpeg
last-modified: Sun, 22 Nov 2020 04:27:56 GMT
accept-ranges: bytes
content-length: 122879
date: Fri, 16 Sep 2022 14:35:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.74 200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.74:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Sep 2022 14:16:16 GMT
expires: Fri, 16 Sep 2022 15:16:16 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 1142
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 7df27d4646e6e1cd358f0997ad604ea9
bf0c3feb55312e00ed8aa718458cc1e932903ac2
ba7ebd5b66156d280c46a2e492c5830f67e114711498b405b4e57ee1f45f4905
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merttixplc.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 281057
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 8fb510c0e0fbff6302a68eb385520e3f
cd5149c6ffc7ee3d90e9e6884af8e02f44c7ab00
2b9cd0f540eb0916ad5c3ee63dbc8ee57570c3eaae7aeabca5c8cb03a3c73c32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163 200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merttixplc.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:58 GMT
expires: Thu, 14 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 155060
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
142.250.74.163 200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 35764, version 1.0\012- data
Hash 60f23230f1a8d5c3b7d25b73f5b5ce23
ed08ada85d017893b9bcb8224e99154c6708f5d2
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
GET /s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merttixplc.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:14:36 GMT
expires: Tue, 12 Sep 2023 21:14:36 GMT
cache-control: public, max-age=31536000
age: 321642
last-modified: Mon, 18 Jul 2022 19:06:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sairaextracondensed/v11/-nFvOHYr-vcC7h8MklGBkrvmUG9rbpkisrTrN2zh2wph.woff2
142.250.74.163 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/sairaextracondensed/v11/-nFvOHYr-vcC7h8MklGBkrvmUG9rbpkisrTrN2zh2wph.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 16672, version 1.0\012- data
Hash 9eb66fe33d911f2c9583ef44b90a8a0e
d1ba6f490f8fe4ca11a3eea230a3cf55eaec4923
f98575e529167086cc3204f8dc203333faa809c4390b0e80d1a3fdf87df4dbc3
GET /s/sairaextracondensed/v11/-nFvOHYr-vcC7h8MklGBkrvmUG9rbpkisrTrN2zh2wph.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merttixplc.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 01:40:07 GMT
expires: Fri, 15 Sep 2023 01:40:07 GMT
cache-control: public, max-age=31536000
age: 132911
last-modified: Wed, 27 Apr 2022 16:19:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.163 200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://merttixplc.online
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:59 GMT
expires: Thu, 14 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 155059
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//tururu.mp3
104.26.8.139 206 Partial Content 7.2 kB URL HTTP/2 widget-v4.tidiochat.com//tururu.mp3
IP 104.26.8.139:0
File type MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Monaural\012- data
Hash 5061b4d134a7b4d5d744f9a127b757a8
c5e240ac60d3914cb3836ba6652105c67720b845
12c7687514ca85ba2157ed61914ac526bb9dd15cb5a2a2d9e4d88f919349284f
GET //tururu.mp3 HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
date: Fri, 16 Sep 2022 14:35:18 GMT
content-type: audio/mpeg
content-length: 7224
last-modified: Tue, 13 Sep 2022 07:44:17 GMT
etag: "632034d1-1c38"
expires: Thu, 29 Sep 2022 02:08:19 GMT
cache-control: public, max-age=31536000
pragma: public
cf-cache-status: HIT
age: 131219
content-range: bytes 0-7223/7224
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOsibRshdjKtVZgjnXiDvSnmkeyPududaruMo8KunxeTLFvNc%2F6nYwvsRRd6PpPow06z9AYklcpHcDaP%2BOXzGDHkbViaUWXQPqdcUsMzA2l0e6CGnyqfmGbvYLFzs3a5eflssKiZBkYV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ba53ef5c86b4fd-OSL
X-Firefox-Spdy: h2
merttixplc.online/img/r-banner.jpeg
192.64.117.200 200 OK 157 kB URL HTTP/2 merttixplc.online/img/r-banner.jpeg
IP 192.64.117.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1240x400, components 3\012- data
Size 157 kB (156781 bytes)
Hash 49f26d6d88ddf8f42ba4dd2907179f91
57bd930ad99298c14ab944fb256e7818736d1799
599a34450670b2bce31f924fddb1b890600e6ca95d743337e143641b5b1c2def
Analyzer Verdict Alert fortinet Phishing
GET /img/r-banner.jpeg HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:18 GMT
content-type: image/jpeg
last-modified: Fri, 24 Apr 2020 00:15:21 GMT
accept-ranges: bytes
content-length: 156781
date: Fri, 16 Sep 2022 14:35:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
192.64.117.200 200 OK 77 kB URL HTTP/2 merttixplc.online/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 192.64.117.200:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://merttixplc.online/font-awesome/css/font-awesome.min.css
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 23 Sep 2022 14:35:18 GMT
content-type: font/woff2
last-modified: Sun, 04 Feb 2018 08:54:56 GMT
accept-ranges: bytes
content-length: 77160
date: Fri, 16 Sep 2022 14:35:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/nn/core/admin/fonts/modules.ttf
192.64.117.200 200 OK 6.4 kB URL HTTP/2 merttixplc.online/wp-content/nn/core/admin/fonts/modules.ttf
IP 192.64.117.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1689), with CRLF line terminators
Hash 9c43effd0f2665554d84ed3c4f582726
8ebf18bf8c77c92769aebf67122ac74e7160908a
199513d80408a50aa63f7dd38633796dc51e0e6a613c17203e42f90045a1207d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/nn/core/admin/fonts/modules.ttf HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/wp-content/nn/style.css?ver=3.24.1
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 6393
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 14:35:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
104.26.8.139 200 OK 259 kB URL HTTP/2 widget-v4.tidiochat.com//1_114_0/static/js/widget.64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (65451)
Size 259 kB (258899 bytes)
Hash 9431b6c1adb75b4768a05ead64208332
6dc25c158a720231a4d421b2509d788705f3dbf5
fcf860122acd290a02ea159c3a87f2e6cbeb73c33108ac8a7ac0829b5693358f
GET //1_114_0/static/js/widget.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 14:35:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-826dd"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPEgyDYGNEyGbSXajOOQYppQM1piBwwqrJPOTW%2FlMkHDe9BvB1C3eNqEltvA7G53qvxs19X8lJ4I1XreGLxUMEsefvCbbTHXFfZ0AEsjeRTBwrCrLOjY6lAEKnKz5lRar8MS2Hl8gXmd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ba53efacf3b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
merttixplc.online/images/gpb_icon.png
192.64.117.200 200 OK 6.4 kB URL HTTP/2 merttixplc.online/images/gpb_icon.png
IP 192.64.117.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1689), with CRLF line terminators
Hash 9c43effd0f2665554d84ed3c4f582726
8ebf18bf8c77c92769aebf67122ac74e7160908a
199513d80408a50aa63f7dd38633796dc51e0e6a613c17203e42f90045a1207d
GET /images/gpb_icon.png HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 6393
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 14:35:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
merttixplc.online/wp-content/nn/core/admin/fonts/modules.woff
192.64.117.200 200 OK 24 kB URL HTTP/2 merttixplc.online/wp-content/nn/core/admin/fonts/modules.woff
IP 192.64.117.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1689), with CRLF line terminators
Hash 3608cdb879c62e2d64eaa6f3b9463ccf
a5900b6e36a131381e5151253cdad395e3d9e064
591b9c5e98afc074549aefa1a8e641f0281b06a3ff028a525ddc9eb572cc8c07
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/nn/core/admin/fonts/modules.woff HTTP/1.1
Host: merttixplc.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://merttixplc.online/wp-content/nn/style.css?ver=3.24.1
Cookie: PHPSESSID=3baf89359ef368e1ce4d604cf53570ae
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/7.4.30
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 24042
date: Fri, 16 Sep 2022 14:35:18 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 2e8e3b8dcfc70035468cee19fa0ce164
8abd549de54a56c4d8866642803817e1d411ad88
9f8702221570464be855f0cf42d77a90b745fbf6c60d5d437218d45f9603fd19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
142.250.74.106 200 OK 1.4 kB URL HTTP/2 translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback
IP 142.250.74.106:0
Hash 3ad547ec47ef63d87eff80e53d6dd861
20cd334266b4bc9b47966d5487f0a2b2d41db765
c9b9dc1b30d38db2a72068eb7d8a5d1af32006b64263cab5e89f500f62856ea3
GET /v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback HTTP/1.1
Host: translate-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-type: text/javascript; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 16 Sep 2022 14:35:18 GMT
server: ESF
cache-control: private
content-length: 1392
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
expires: Fri, 16 Sep 2022 14:35:18 GMT
set-cookie: NID=511=gvCQnH_4kHBJxp7R_h1-4IC2tW-bTDgpFHFgxgYPU00xJC7hnXdTFDEnCFO8V69baJXUBbVfYk4a3h0OujTH0Yz6Cgy_Gk_LLOR7P9RM0mafxT_4mcVdGm9dpJ5n-PAr745pSgER4j8bsDAGHWxBe12ZMQzT_NiYSIv1Q6u6y90; expires=Sat, 18-Mar-2023 14:35:18 GMT; path=/; domain=.translate-pa.googleapis.com; HttpOnly
CONSENT=PENDING+731; expires=Sun, 15-Sep-2024 14:35:18 GMT; path=/; domain=.googleapis.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash d972358180e8ef88372566aad740221c
48baa9fc3d2a81b342f9bbe850fe9fe343298a95
49bb00910e8a6a70f234a4b0a6da1653273ddc3ae5b2891425a05e3a3abcad8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
104.26.8.139 200 OK 90 kB URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js
IP 104.26.8.139:0
File type ASCII text, with very long lines (65439)
Hash d22feee26e24978e2e84b35cae30f065
e42e59411c0e2a40426116975488c738a33a555c
ff3ec7310b9d40287fae68db7d87b7c4ece83c62c3d645e6b11bfe657f6d6836
GET /1_114_0/static/js/chunk-WidgetIframe-64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 16 Sep 2022 14:35:18 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-5575e"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx2ELkIVcUGHsOWaR0r4ApB5IdPRQBIhRa1G%2BuD0nfZ01d%2FZn3xziRDcw1eWCDNsY%2BY%2BXwx6xGqS95jkHjdmJzpmPIW5AuX%2FZor3XZa%2BZZ%2F4NvONNCjyCjWa%2F1B2euz63CFgPFOE%2F74B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ba53ef3c6ab4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
socket.tidio.co/socket.io/?ppk=kiclmspdgd6ybqlgxeuhpfgqvdkirant&device=desktop&EIO=3&transport=websocket
52.49.188.145 101 Switching Protocols 0 B URL HTTP/1.1 socket.tidio.co/socket.io/?ppk=kiclmspdgd6ybqlgxeuhpfgqvdkirant&device=desktop&EIO=3&transport=websocket
IP 52.49.188.145:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?ppk=kiclmspdgd6ybqlgxeuhpfgqvdkirant&device=desktop&EIO=3&transport=websocket HTTP/1.1
Host: socket.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://merttixplc.online
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Stn4ARggPpox8RFmQgMeeg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 16 Sep 2022 14:35:18 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4jx+Zuy2J3lvBvtWtsKZZ5nOKoo=
Sec-WebSocket-Extensions: permessage-deflate
ocsp.digicert.com/
93.184.220.29 200 OK 997 B IP 93.184.220.29:0
File type gzip compressed data, max compression\012- data
Hash 0feabc2cec52e92e0cdd299a4f3e1025
0cebb4c4fb2c90ce77440d4722da89002c1658ac
ac66480452c4e10c27049d00007f8cffcefa01f5f8ac7e4760128c222b9d8877
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 16 Sep 2022 14:35:19 GMT
Last-Modified: Fri, 16 Sep 2022 12:46:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
23.111.9.57 200 OK 1.3 kB URL HTTP/2 twemoji.maxcdn.com/v/13.0.1/72x72/1f44b.png
IP 23.111.9.57:0
File type PNG image data, 72 x 72, 8-bit colormap, non-interlaced\012- data
Hash 8c685a701d36f492ecc566a4c879fbfd
bbfb15f5fdfd47a20122556975dba73b9d035d95
dfee1561c6e59c90f7a292f90157bae85f75ccb3ae27b655898a51429e3a8910
GET /v/13.0.1/72x72/1f44b.png HTTP/1.1
Host: twemoji.maxcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 14:35:19 GMT
content-type: image/png
content-length: 1285
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Thu, 31 Mar 2022 03:24:17 GMT
access-control-allow-origin: *
etag: "62451ee1-505"
expires: Sun, 16 Oct 2022 14:35:19 GMT
cache-control: max-age=2592000
x-proxy-cache: MISS
x-github-request-id: 3B66:6CC0:5C9BBC:6016D7:63245B40
vary: Accept-Encoding
x-fastly-request-id: afaeab388db1de45aba366d7d4008041a11e371d
server: NetDNA-cache/2.2
powered-by: MaxCDN
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3Aregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CSaira+Extra+Condensed%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&ver=5.3.2
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3Aregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CSaira+Extra+Condensed%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&ver=5.3.2
IP 142.250.74.10:0
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CPlayfair+Display%3Aregular%2Citalic%2C700%2C700italic%2C900%2C900italic%7CSaira+Extra+Condensed%3A100%2C200%2C300%2Cregular%2C500%2C600%2C700%2C800%2C900&ver=5.3.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 14:35:16 GMT
date: Fri, 16 Sep 2022 14:35:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.tidio.co/kiclmspdgd6ybqlgxeuhpfgqvdkirant.js
172.67.72.223 302 Found 0 B URL HTTP/2 code.tidio.co/kiclmspdgd6ybqlgxeuhpfgqvdkirant.js
IP 172.67.72.223:0
GET /kiclmspdgd6ybqlgxeuhpfgqvdkirant.js HTTP/1.1
Host: code.tidio.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 16 Sep 2022 14:35:16 GMT
content-type: text/html
location: https://widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
cache-control: private, no-cache, no-store, must-revalidate
widget-cache-status: HIT
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=37939CrNy1gGKik%2Flnf5NDC8rT5983hjwx47541X8J9d70xXp8S97V%2FEwJ3nNDPiMSFV6fJF3gBaMgywMw0xREGbjmgxBPOU5sPWLwBurC1aZtX9fiMWZNIqMBT%2B2H0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74ba53e3c86a1bfe-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://merttixplc.online/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 14:35:16 GMT
date: Fri, 16 Sep 2022 14:35:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
104.26.8.139 200 OK 0 B URL HTTP/2 widget-v4.tidiochat.com/1_114_0/static/js/render.64874ea49214d2736b46.js
IP 104.26.8.139:0
GET /1_114_0/static/js/render.64874ea49214d2736b46.js HTTP/1.1
Host: widget-v4.tidiochat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://merttixplc.online/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 16 Sep 2022 14:35:16 GMT
content-type: application/javascript
last-modified: Thu, 15 Sep 2022 11:25:23 GMT
vary: Accept-Encoding
etag: W/"63230ba3-4311"
cache-control: max-age=691200
cf-cache-status: HIT
age: 4130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJC%2BvSe8CfxGI3EKHm%2BvlPJ5SlNkRchYTkl6OL5koM1k%2BkexfUX7MSY7Qm4LHqGkh%2BeurhCX%2Bja65nanvMmDFlI8dpovz1dX0TRVcGrPSr8PaYDFRZPqp3Nm7GL5PWZu787vSAXV56%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74ba53e4fde4b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2