r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4332
Expires: Tue, 31 Jan 2023 04:19:47 GMT
Date: Tue, 31 Jan 2023 03:07:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6458
Expires: Tue, 31 Jan 2023 04:55:13 GMT
Date: Tue, 31 Jan 2023 03:07:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 02:43:15 GMT
content-type: application/json
age: 1460
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21099
Expires: Tue, 31 Jan 2023 08:59:14 GMT
Date: Tue, 31 Jan 2023 03:07:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aYEAgTvirVGF/puutn62QmifdHGS7diAIqVEK+KUCCAuiAcGbJbPqIM5XAQkwyVKKw30lQKD3C0=
x-amz-request-id: SYBJ4S5MHGSDGJVT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 02:51:00 GMT
age: 995
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 03:07:35 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/
148.66.138.105200 OK 139 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document, ASCII text
Hash 52275768b0fbd9dbe75cd3c1eebe31b8
3977bec10d5dbaaf8a49af0670e0c766a5436d38
c8dfb67f4904db66144e87113da7f428f22c8c3369ee1f363c212f28d21c7db9
Analyzer Verdict Alert openphish ING
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/ HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:35 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 139
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 02:41:41 GMT
age: 1554
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients
148.66.138.105301 Moved Permanently 285 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ee27eff03f3504fadcdd554c98be04a0
e472d05b7787be7345e05fc143acc673e09029a0
c00ddefed1578f6b78461cc52b720d6ef7f797a9b1d118ade2c8d357f492a8f6
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 31 Jan 2023 03:07:35 GMT
Server: Apache
Location: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Content-Length: 285
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5063
Expires: Tue, 31 Jan 2023 04:31:59 GMT
Date: Tue, 31 Jan 2023 03:07:36 GMT
Connection: keep-alive
push.services.mozilla.com/
35.160.122.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.122.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UvzqNdAEUqjs1ebLV1wF6g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +stAWdyYfQa69uUPz3G228zLvAs=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11010
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:07:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11010
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:07:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11010
Expires: Tue, 31 Jan 2023 06:11:07 GMT
Date: Tue, 31 Jan 2023 03:07:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Y5NzMLzQjuZwG1KtxHM33FkcZaiHD_sdt0vr_X3uWGvCjsI4_olAtw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:50:35 GMT
age: 83822
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 42a648f9d34d8fb703f0b80a52e0deec
7ccefd66211d249ae5266c3b6ae3375a19e5cb6d
a57f8792e8caa2a31045a141d019f53f51b633d5d04baebdae97387740c6639d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4b003bbe-42d9-4014-8fbe-ddff072cc8b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5903
x-amzn-requestid: f6fca787-17c1-4edd-9ab0-a00e2fccc7a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboufGeSoAMF-1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d487f6-58be6bdc5e3e767e1ea47b86;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:27:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tAR5c5rQD0h5YZ6TU8pZKhUFUf5d0-l794EaYnwwkts3QXPhdYm6vA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:03:25 GMT
age: 21852
etag: "7ccefd66211d249ae5266c3b6ae3375a19e5cb6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 932f9938c0cf6a0073ade7aa5fbe63ee
10b2c53728e16614bc96fbce22e98a135e8fdc16
25c6402614ad4f04d35ea2512b613a5c239609ce03886a22b1a89d62ddf344f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc569de21-1642-45cb-a849-06e0eb6ce398.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6660
x-amzn-requestid: d1b88b8f-d5c5-4da3-b93a-ade94338e746
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRa8DFMaIAMF2Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d071e6-1fa8a996195c9b3406399769;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 00:03:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HkhlfofiCFusEluIswICaWL-lR_nnmhszPSRTqZL_tRixYUUqlUZ_g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:49:14 GMT
age: 19103
etag: "10b2c53728e16614bc96fbce22e98a135e8fdc16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 00:33:02 GMT
age: 9275
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 5098
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 4262
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
148.66.138.105200 OK 8.9 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (796)
Hash d47ac1e3371baa17c98aeb0ab536af49
88d7067b50fdaabcb0c01ef723aacc7a1452ca24
91a075d6fc1929af0b9c8b826a043f7257766e5ec155245e2748115151560a15
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:36 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Set-Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63; path=/
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8887
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
img1.wsimg.com/traffic-assets/js/tccl.min.js
95.101.10.131302 Found 0 B URL HTTP/2 img1.wsimg.com/traffic-assets/js/tccl.min.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /traffic-assets/js/tccl.min.js HTTP/1.1
Host: img1.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ayurvaidh.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-length: 0
location: https://img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
cache-control: max-age=1800
expires: Tue, 31 Jan 2023 03:37:39 GMT
date: Tue, 31 Jan 2023 03:07:39 GMT
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
95.101.10.131200 OK 11 kB URL HTTP/2 img6.wsimg.com/wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js
IP 95.101.10.131:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (45837)
Hash 645b88efa25fd10bf181698e5f994175
c702cebb7ad47f0839332bedae7c7913d7113b25
9555a4ec4987438fc2d5ffd29e91bec3e1829e3f765e700f8d8941412e5eb520
GET /wrhs/5c3e20ad749ddb088afc84b1b7ff009e/tccl.min.js HTTP/1.1
Host: img6.wsimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ayurvaidh.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
accept-ranges: bytes
content-encoding: br
etag: "5c3e20ad749ddb088afc84b1b7ff009e"
last-modified: Tue, 29 Nov 2022 21:30:05 GMT
vary: Accept-Encoding
x-amz-id-2: SOgzPYjoNVqHmzSUdDQxjVjpOcgl04n3arSWjBq/s2doz6LRg79tFfSvSDtud9Y0icsa8uPNWH0=
x-amz-request-id: SW42RCTKTQJH3SB5
x-amz-server-side-encryption: AES256
x-amz-version-id: sTnOEJpl_Bn63xNm3Yru0HbQaHbS55CR
content-length: 11347
cache-control: max-age=31536000
date: Tue, 31 Jan 2023 03:07:39 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
timing-allow-origin: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
148.66.138.105200 OK 454 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash d75a03e3bd41a58cb33cb6956a7ad668
0c92ef3f1b306bbb6eb22b7bc767281538d22e72
bdba529911a61bb8e20dca3e5cc41f956c899e3e3fb9156c28f622a7192c51a5
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/BusyIndicator-ver-D96AC53727CDA7F131E86944079EBDA2.css HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce0-418-5f3800a3d48b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 454
Keep-Alive: timeout=5
Content-Type: text/css
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
148.66.138.105200 OK 8.2 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (27294), with no line terminators
Hash 00e749dacb8ce964bc99dcf5753b31de
8700959f3217e9499e0c76cdc5f69e50b778c722
799a8b6536cf442c02cc09fea9d6994f67cfd7e02e8f2f560601b2ac44f3d704
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/wicket-ajax-jquery-ver-4D09ABFD59C4D1E8C40853E2941D8163.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce7-6a9e-5f3800a3d546b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8224
Keep-Alive: timeout=5
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js
148.66.138.105200 OK 2.0 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with CRLF, LF line terminators
Hash bdae10460dcf463151e17a170634d099
005cbde3a841420a287e3ca854378e3cf9240732
1905f605bb58ce61d8e064b020155235195e5b046e6c6e29d5ec253e632b6cca
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/busy-ver-C331575AF308054F00673A92BCB41217.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce2-1bed-5f3800a3d48b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2010
Keep-Alive: timeout=5
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/webtrekk_v4.js
148.66.138.105200 OK 19 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/webtrekk_v4.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type C source, ASCII text, with very long lines (851)
Hash 23b6e420432d69165dcfa8445948bb26
021daa075d024569fc9a1fb461d08cdb958d643a
6bee89cb87db35f6508dcd45ac5ae105ff5b2d9bce770259ebfcf972cde3fcf7
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/webtrekk_v4.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce9-fbd1-5f3800a3d5853-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19369
Keep-Alive: timeout=5
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
148.66.138.105200 OK 128 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65476), with CRLF line terminators
Size 128 kB (127864 bytes)
Hash 788c1de488ff651b21bd8711466b8f0d
bf398b814b2a194259443d0855267d6e20eafe2b
017f7a1d63350340f625b37b165f812c03d6836c68d154a455caccfd8c20a292
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:42 GMT
ETag: "8360d94-11640a-5f3800a90817d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
148.66.138.105200 OK 76 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
Hash a4737f975bb2a0d1688df6811ed22e88
2cfc6bf6091003cd3c1772f6fdbb1c4d77a50bfb
e31b7969fd6ba679a23c388cdf2bf2f55a4570cad28586c66dc645fbdd21710d
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/SuppressJavascriptConsoleBehavior-ver-1EA60D9506B6FAC9D0B9E6C.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ceb-67-5f3800a3d5853-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 76
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/main.js
148.66.138.105200 OK 107 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/main.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (27445)
Size 107 kB (106938 bytes)
Hash e2feabcad445138c16eabacd9ef4502d
7d35f9e40d142f31533ecbf0acbb5ab9e11ee38a
5a53ee54ac67a0229a3fee3e668dc1c4434e4ecca8a7fcdf7a79aef95aef4eee
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/main.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360cec-68f12-5f3800a3d5c3b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
148.66.138.105200 OK 45 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 400 x 328, 8-bit/color RGBA, non-interlaced\012- data
Hash 916fde8a4ca8095fc339d6829d7d6723
361d7a7c72709eb08ac9b8fc97b99f54cd3d5378
fb6ebe23316c03fd8d25e871bfdd9c41eb77e14115f5a01e3e0d97b94617779e
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrlhint-ver-916FDE8A4CA8095FC339D6829D7D6723.png HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce4-af26-5f3800a3d5083"
Accept-Ranges: bytes
Content-Length: 44838
Keep-Alive: timeout=5
Content-Type: image/png
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
148.66.138.105200 OK 2.0 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1333)
Hash a4288f3f0ce7f5c60c76a005c363b0a2
040c96d03849b32161c2f5a75570e300e101015b
9d0ce0dd87e2d9bc4171914be7b288f8388ce7c26dc58e0a465a82760e899914
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/qrl-ver-A4288F3F0CE7F5C60C76A005C363B0A2.svg HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce5-7df-5f3800a3d5083"
Accept-Ranges: bytes
Content-Length: 2015
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/svg+xml
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ING_Deutschland_NoClaim.svg
148.66.138.105200 OK 16 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ING_Deutschland_NoClaim.svg
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash e47a136be12eb3bd0a66e98fa0dfa5b4
eaa59bc2c2a2ec914cdf417a27dac951ef425ec3
475f12eb22b72af14086052c4dce2cdd331230ac9041163cfed2f64da530bd42
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/images/ING_Deutschland_NoClaim.svg HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360d22-3faf-5f3800a3d834b"
Accept-Ranges: bytes
Content-Length: 16303
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/svg+xml
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.html
148.66.138.105200 OK 30 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.html
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 29616, version 1.0\012- data
Hash 07aa96672a8b93f083d51a1bef9bcc4f
41c7987e5434e32705b703df0cfc1b0d76e07930
171080b56456b8852b6ed884ac2deac230314d97d82041db16022989942f4f3d
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.html HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:40 GMT
ETag: "8360d79-73bb-5f3800a7a6d1e"
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.html
148.66.138.105200 OK 30 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.html
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format (Version 2), TrueType, length 30456, version 1.0\012- data
Hash 2dcd89fdca28ffd811e13ae320a97997
05a1053e3c18a02f41028b7f798ef14186f417b1
12976fc1470cc894e4cde79b4837efb12fcacfc0442fcc9b4d28dc22b6a22e5f
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.html HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:40 GMT
ETag: "8360d77-76f5-5f3800a7a6d1e"
Accept-Ranges: bytes
Vary: Accept-Encoding
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Type: text/html
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/icons.woff
148.66.138.105200 OK 32 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/icons.woff
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 32296, version 1.0\012- data
Hash 1bdf5c66ba7e5eb7f5edfb45d2793603
83acd8228411d3872e0f1bfa1d0372684ddff6c8
305948d72ce8577a386f77079dacdb6841f18668f64cc7865a196a0624e5b5a8
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/icons.woff HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Mon, 30 Jan 2023 19:15:40 GMT
ETag: "8360d72-7e28-5f3800a7a6936"
Accept-Ranges: bytes
Content-Length: 32296
Vary: Accept-Encoding
Keep-Alive: timeout=5
Content-Type: font/woff
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/bundle.js
148.66.138.105200 OK 171 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/bundle.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65536), with no line terminators
Size 171 kB (170733 bytes)
Hash a0e2a921173de21dcc1f195f19fad496
edca719d26184e439f2acb56b043c98862303b2e
e75396ed20765f6ea626c156ddb52199fce54144cf9d189bbf24ea9d85ce3d43
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/bundle.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce6-9ade5-5f3800a3d546b-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.woff
148.66.138.105200 OK 37 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.woff
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 37344, version 1.0\012- data
Hash 9531ef579ed5b9569b6ed482aa1f297a
5274887d1ec5ec45971ec541df0d204a6512b8f7
4a0a7668aaa847d33f49023d0982c6331bc9705cad2586eccb8086a680ef534c
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Regular.woff HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:40 GMT
ETag: "8360d73-91e0-5f3800a7a6936"
Accept-Ranges: bytes
Content-Length: 37344
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.woff
148.66.138.105200 OK 38 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.woff
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 38292, version 1.0\012- data
Hash a1d59afa1efe789d1e6544a198c8cc66
163de62202df25679b975097fd0dd9f2afa3844e
e5cb35bd410aba4b717a1cc46814a88b50ff311f9514630dffa3480cb43b92e0
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNunBPIoxnfDCiDPJIr9jC1vYhMYnVHX3RmFyL-VjUn39Et4Pd5yOOeuOGinSEk/webjars/ing-feat-uilib-de/6.5.35/stylesheets/webfonts/INGMeWeb-Bold.woff HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/-5OTF6sW6E4Z9ceOYnWoukuqyTIBKJiZWKLPLf8XrPc4eNu/webjars/ing-feat-uilib-de/6.5.35/stylesheets/bundle.ibbr-ver-A1BC03D6FA9731EE7E461042EC133352.css
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:40 GMT
ETag: "8360d70-9594-5f3800a7a6936"
Accept-Ranges: bytes
Content-Length: 38292
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/jquery-3.js
148.66.138.105200 OK 31 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/jquery-3.js
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type ASCII text, with very long lines (65451)
Hash 888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/jquery-3.js HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:39 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360ce1-15d84-5f3800a3d48b3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP 142.250.74.131:0
Hash 51fd3d7b6a3a3295f1d9770a28f21d28
e9e7c77216da182e1eeda98f133d99a281ef046b
8ed6d6f021e43eff6a9c06271ac4e66eaf3665161a5033a0042cf76bb614cdb6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:07:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP 142.250.74.131:0
Hash 51fd3d7b6a3a3295f1d9770a28f21d28
e9e7c77216da182e1eeda98f133d99a281ef046b
8ed6d6f021e43eff6a9c06271ac4e66eaf3665161a5033a0042cf76bb614cdb6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:07:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
35.241.3.184200 OK 0 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
IP 35.241.3.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/oAoDY7kHB/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ayurvaidh.com/
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsXzJyajTBsjRlzpdw9c-zV9mT5nZcqU38Z8UIm9vQxpd6mnGy47B9RRZSGLHQmYq0uS_AV6iMpBHTXCMzxRcfFyA
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Tue, 31 Jan 2023 03:07:40 GMT
expires: Tue, 31 Jan 2023 03:07:40 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
148.66.138.105302 Found 237 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 97deaf83dffbfb2c66c927db1f218461
c80209d508b174655bf13224c4aabe06559e1c82
7494ff8fb917f033992a7015d13b7c12358b8578e4485c61d50dcdefc0b38d6e
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 302 Found
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Location: http://logistica.gestionesanmedellin.com/.well-known/
Content-Length: 237
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
35.241.3.184200 OK 67 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/languages.json
IP 35.241.3.184:0
File type JSON data\012- , ASCII text, with no line terminators
Hash da13a9b5363ff28c20e52e67131f24fd
1d9f99b1ae654913e9d23a6477c477b7ce924292
86b7be6c42bfb970e332b5d92083dd6370cf0774eedcff50d97a8f689431b1ca
GET /settings/oAoDY7kHB/latest/languages.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ayurvaidh.com/
content-type: application/json
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvKgxe51Rrz5fAr2zmdRUCXcII3ucA_X06ySdz4gCegA_WOj0naiWseocIk4bVMV79SFTygq5C3JFvoPJYgEiYXdg
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1674036420034116
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 67
content-encoding: gzip
x-goog-hash: crc32c=u6slow==, md5=2hOptTY/8owg5S5nEx8k/Q==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 67
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 31 Jan 2023 03:07:40 GMT
expires: Tue, 31 Jan 2023 03:07:50 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Wed, 18 Jan 2023 10:07:00 GMT
etag: "da13a9b5363ff28c20e52e67131f24fd"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/cross-domain-bridge.html
148.66.138.105200 OK 1.5 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/cross-domain-bridge.html
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (449)
Hash 9c3687c1a2fe7d3c1c1b61f802cc6b46
d0a2de3bded8c9f1d550f3a788036b0b755db3d9
2d85fb1d4fd1d6827f2164f136e4db884bf740194f7778c131c04c19daa5f7ac
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/ING%20Login_fichiers/cross-domain-bridge.html HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:40 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:36 GMT
ETag: "8360cea-1988-5f3800a3d5853-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1451
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/RFFQ8tpp2ig
IP 142.250.74.131:0
Hash 51fd3d7b6a3a3295f1d9770a28f21d28
e9e7c77216da182e1eeda98f133d99a281ef046b
8ed6d6f021e43eff6a9c06271ac4e66eaf3665161a5033a0042cf76bb614cdb6
POST /s/gts1d4/RFFQ8tpp2ig HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 03:07:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
35.241.3.184200 OK 0 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
IP 35.241.3.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/oAoDY7kHB/latest/dps-de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ayurvaidh.com/
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdsjpvw-3KbcIy7TCSgrHxqcQ1Tb884Bp7udSG6scrKiaOYrJc8mreLZeEgzMkQcEiDjT5DwIXv0d0UuWofqpydtcg
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Tue, 31 Jan 2023 03:07:41 GMT
expires: Tue, 31 Jan 2023 03:07:41 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
35.241.3.184200 OK 900 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/dps-de.json
IP 35.241.3.184:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4506), with no line terminators
Hash 938409fc2de9e28ca6f265265805bb23
7b7fba7d9d80eeaea355856d25f80adbbc7f1c57
9ceb3a28432957d4553a34566fe48259f53e3e171ccaf3e6f8010434e94b4dbb
GET /settings/oAoDY7kHB/latest/dps-de.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ayurvaidh.com/
content-type: application/json
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdssA1s0a8kHPmAmc8i8KAo1Qr-WMCXZt3HqDNYWrdeuSRkyf2c048vy7GbRaxToCIYSAewSBjkq05cQRtdRZcBnf3CpHKIR
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1674036420030187
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 900
content-encoding: gzip
x-goog-hash: crc32c=fa8fZw==, md5=k4QJ/C3p4oym8mUmWAW7Iw==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 900
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 31 Jan 2023 03:07:41 GMT
expires: Tue, 31 Jan 2023 03:07:51 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Wed, 18 Jan 2023 10:07:00 GMT
etag: "938409fc2de9e28ca6f265265805bb23"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
35.241.3.184200 OK 0 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
IP 35.241.3.184:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /settings/oAoDY7kHB/latest/core.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ayurvaidh.com/
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu5kwF-a5V4QQlYO-dk6veRydGeTqPQbswjHcJoGPXHqhIXc9rz3FsWeLttByfb9wjQf0OgOYFk97iew638Pypscg
access-control-allow-origin: *
access-control-max-age: 3600
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: content-type
date: Tue, 31 Jan 2023 03:07:41 GMT
expires: Tue, 31 Jan 2023 03:07:41 GMT
cache-control: private, max-age=0
content-length: 0
server: UploadServer
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
35.241.3.184200 OK 717 B URL HTTP/2 api.usercentrics.eu/settings/oAoDY7kHB/latest/core.json
IP 35.241.3.184:0
File type JSON data\012- HTML document, Unicode text, UTF-8 text, with very long lines (1362), with no line terminators
Hash 3f68140547a7ccdefb3346f1fc490264
a5a87c9a51f409fd2a43ae3fedfe2ca26ce9e9e5
20c4b52eca4e2511da63c93bfbfc5aa7b3af1947d664dab10b0596a3f3577b1a
GET /settings/oAoDY7kHB/latest/core.json HTTP/1.1
Host: api.usercentrics.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ayurvaidh.com/
content-type: application/json
Origin: http://ayurvaidh.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-guploader-uploadid: ADPycduWkaWFWoj_7cnDp2_4xXyBjeGQxLEtKVoP8yVqbMPT8d24iI0czE79_lgFaCxNKJXhy5dwug3SOL9uBKs7DgpTcQ
vary: X-Goog-Allowed-Resources,Accept-Encoding
x-goog-generation: 1674036420038049
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 717
content-encoding: gzip
x-goog-hash: crc32c=Drvkyg==, md5=P2gUBUenzN77M0bx/EkCZA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 717
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
date: Tue, 31 Jan 2023 03:07:41 GMT
expires: Tue, 31 Jan 2023 03:07:51 GMT
cache-control: public, max-age=1800, s-maxage=10
last-modified: Wed, 18 Jan 2023 10:07:00 GMT
etag: "3f68140547a7ccdefb3346f1fc490264"
content-type: application/json
age: 0
strict-transport-security: max-age=7776000
x-client-geo-location: NO,NO03
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
148.66.138.105302 Found 237 B URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 97deaf83dffbfb2c66c927db1f218461
c80209d508b174655bf13224c4aabe06559e1c82
7494ff8fb917f033992a7015d13b7c12358b8578e4485c61d50dcdefc0b38d6e
Analyzer Verdict Alert fortinet Phishing
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/w/r/tssV3vNFVypuDO4q6CZvTqxO8zVczbxBr7eENRPMjGtKp62OBiqmyLohiMrI5BqpXCs62GFSuwLYFzfHyJqE6M5Y9M03xyVRIJI3E6FvWX5N6ak0sg5voA/webjars/ing-feat-uilib-de/6.5.35/images/dots-ver-EA9B3C619827FD887CE3FFC8153FA257.lottie HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Connection: keep-alive
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63
HTTP/1.1 302 Found
Date: Tue, 31 Jan 2023 03:07:41 GMT
Server: Apache
Location: http://logistica.gestionesanmedellin.com/.well-known/
Content-Length: 237
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
events.api.secureserver.net/t/1/tl/event?cts=1675134475592&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1719717789&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=0d016c1d-1697-55d8-94af-f07d67d2a095&ht=pageview
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1675134475592&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1719717789&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=0d016c1d-1697-55d8-94af-f07d67d2a095&ht=pageview
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1675134475592&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1719717789&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=0d016c1d-1697-55d8-94af-f07d67d2a095&ht=pageview HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ayurvaidh.com
Connection: keep-alive
Referer: http://ayurvaidh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: http://ayurvaidh.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 31 Jan 2023 03:07:41 GMT
X-Firefox-Spdy: h2
events.api.secureserver.net/t/1/tl/event?cts=1675134475894&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1743817776&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=8d08c1f5-9f99-5268-aa19-8f073d88cd89&ht=perf&tce=1675134470799&tcs=1675134470799&tdc=1675134475885&tdclee=1675134475598&tdcles=1675134475597&tdi=1675134475591&tdl=1675134474042&tdle=1675134470799&tdls=1675134470799&tfs=1675134470799&tns=1675134470488&trqs=1675134470802&tre=1675134474037&trps=1675134474036&tles=1675134475885&tlee=0&nt=navigate&nav_type=hard
104.84.152.186200 OK 43 B URL HTTP/2 events.api.secureserver.net/t/1/tl/event?cts=1675134475894&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1743817776&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=8d08c1f5-9f99-5268-aa19-8f073d88cd89&ht=perf&tce=1675134470799&tcs=1675134470799&tdc=1675134475885&tdclee=1675134475598&tdcles=1675134475597&tdi=1675134475591&tdl=1675134474042&tdle=1675134470799&tdls=1675134470799&tfs=1675134470799&tns=1675134470488&trqs=1675134470802&tre=1675134474037&trps=1675134474036&tles=1675134475885&tlee=0&nt=navigate&nav_type=hard
IP 104.84.152.186:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /t/1/tl/event?cts=1675134475894&dh=ayurvaidh.com&dr=http%3A%2F%2Fayurvaidh.com%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&vci=1311507016&cv=2.0.1&z=1743817776&vg=143cd50d-122c-516a-bf50-35fcbbed4cda&vtg=143cd50d-122c-516a-bf50-35fcbbed4cda&dp=%2F--%2FGNI-DE%2FGNI-DE%2FDEE%2FINGDE%2F929605ac569584266611%2Fclients&ap=cpsh&trfd=%7B%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22sg3plcpnl0091%22%2C%22dcenter%22%3A%22sg3%22%2C%22cp_id%22%3A%226825341%22%7D&hit_id=8d08c1f5-9f99-5268-aa19-8f073d88cd89&ht=perf&tce=1675134470799&tcs=1675134470799&tdc=1675134475885&tdclee=1675134475598&tdcles=1675134475597&tdi=1675134475591&tdl=1675134474042&tdle=1675134470799&tdls=1675134470799&tfs=1675134470799&tns=1675134470488&trqs=1675134470802&tre=1675134474037&trps=1675134474036&tles=1675134475885&tlee=0&nt=navigate&nav_type=hard HTTP/1.1
Host: events.api.secureserver.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ayurvaidh.com
Connection: keep-alive
Referer: http://ayurvaidh.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
access-control-allow-origin: http://ayurvaidh.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
cache-control: private
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000 ; includeSubDomains
x-frame-options: DENY
date: Tue, 31 Jan 2023 03:07:41 GMT
X-Firefox-Spdy: h2
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-512x512-ver-F89530A5EAD037F63979954F143D2DD3.png
148.66.138.105200 OK 13 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-512x512-ver-F89530A5EAD037F63979954F143D2DD3.png
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Hash f89530a5ead037f63979954f143d2dd3
7ff89cc3b0180076a69deedbeea30e3f8eca9847
0a75726d7aac0475024371a2f5f43890723f97274065780b3db73f1283b4bdcd
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-512x512-ver-F89530A5EAD037F63979954F143D2DD3.png HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63; _tccl_visitor=143cd50d-122c-516a-bf50-35fcbbed4cda; _tccl_visit=143cd50d-122c-516a-bf50-35fcbbed4cda
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:41 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:42 GMT
ETag: "8360db8-313e-5f3800a909505"
Accept-Ranges: bytes
Content-Length: 12606
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-16x16-ver-34F56DF9647FC5EF3BBEFA31470B5827.png
148.66.138.105200 OK 1.9 kB URL HTTP/1.1 ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-16x16-ver-34F56DF9647FC5EF3BBEFA31470B5827.png
IP 148.66.138.105:0
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 34f56df9647fc5ef3bbefa31470b5827
16fd7a463e24ed60616286a68bc2102af0134ac0
1f188ffd3aa59bd0c27f1aaed73783064c52b8327809f8b1eb9c3454d51c46a9
Analyzer Verdict Alert urlquery phishing Phishing - ING Group
urlquery phishing Phishing - ING Group
GET /--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/static/resource/icon-16x16-ver-34F56DF9647FC5EF3BBEFA31470B5827.png HTTP/1.1
Host: ayurvaidh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ayurvaidh.com/--/GNI-DE/GNI-DE/DEE/INGDE/929605ac569584266611/clients/
Cookie: PHPSESSID=a68aab2a612ac19bd59a15e22b93bc63; _tccl_visitor=143cd50d-122c-516a-bf50-35fcbbed4cda; _tccl_visit=143cd50d-122c-516a-bf50-35fcbbed4cda
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 03:07:41 GMT
Server: Apache
Last-Modified: Mon, 30 Jan 2023 19:15:42 GMT
ETag: "8360dc2-755-5f3800a909cd5"
Accept-Ranges: bytes
Content-Length: 1877
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png