31.31.198.110302 Found 0 B URL User Request GET HTTP/2 IP 31.31.198.110:443
ASN #197695 Domain names registrar REG.RU, Ltd
Certificate IssuerLet's Encrypt
Subjectloveto.one
FingerprintDE:CA:41:48:C5:E1:16:B0:4C:BD:AA:0F:A2:97:AD:BA:63:33:BD:92
ValidityWed, 03 May 2023 02:44:07 GMT - Tue, 01 Aug 2023 02:44:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /NC8B8q HTTP/1.1
Host: u.loveto.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 May 2023 10:04:29 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-powered-by: PHP/5.6.36
expires: Thu, 21 Jul 1977 07:30:00 GMT
cache-control: max-age=0
pragma: no-cache
set-cookie: 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0NTFcIjoxNjg0OTIyNjY5fSxcImNhbXBhaWduc1wiOntcIjk4OFwiOjE2ODQ5MjI2Njl9LFwidGltZVwiOjE2ODQ5MjI2Njl9In0.WfHmy6zb9MWCD5cZgva2yiHOR_vH6UAjcmOM5tfQ5zo; expires=Sat, 24-Jun-2023 10:04:29 GMT; Max-Age=2678400; path=/; domain=.u.loveto.one
last-modified: Wed, 24 May 2023 10:04:29 GMT
location: https://xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch
X-Firefox-Spdy: h2
xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch
63.32.216.166302 Found 47 B URL User Request GET HTTP/2 xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch
IP 63.32.216.166:443
Certificate IssuerLet's Encrypt
Subject*.imitrkn.net
Fingerprint0E:93:27:20:FF:C6:61:B8:05:32:78:CC:90:52:51:33:6A:FF:6D:6C
ValidityWed, 17 May 2023 00:30:48 GMT - Tue, 15 Aug 2023 00:30:47 GMT
File type HTML document, ASCII text
Hash 70ce351b4e0fb3179c66d3c13286792d
521d3842914d13d0b9b96560de13ab793d7ae844
deb17edf2b88c355f649cd49ad76a08fbd4985c16f908baa392d62035417a82b
GET /?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch HTTP/1.1
Host: xwegm.imitrkn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Wed, 24 May 2023 10:04:29 GMT
content-type: text/html; charset=utf-8
content-length: 47
location: https://www.imitrk13.com
set-cookie: unique_id=646de12d00069c7f; Path=/; Expires=Sun, 23 Jul 2023 10:04:29 GMT; Secure; SameSite=None
unique_id2=646de12d0006a331; Path=/; Expires=Tue, 22 Aug 2023 10:04:29 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Wed, 24 May 2023 10:04:29 GMT; Secure; SameSite=None
tid=sevji646de12d000063f5; Path=/; Expires=Thu, 27 Apr 2028 10:04:29 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
88.221.27.128200 OK 816 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 7d64e365849620843bd06ba6696f8a52
26a4ab93251e88303f5882a40b4e82dbaf5a81b9
7e5518528581ceacd42f783448f1574c769e17c3b4e41bba5a2a45051bf08bd8
GET /landings/278174/1674550754/css/style.css?1674550755 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: rNHLgiI05jhtT25i5exCC89igntb9p/9v23pvwaoigw3Zg8ESbqUjyMVCfGjSM5z4oJWFlMrWpk=
x-amz-request-id: WX9NGPSEDR8E1TCJ
Last-Modified: Tue, 24 Jan 2023 08:59:17 GMT
ETag: "7d64e365849620843bd06ba6696f8a52"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 24 May 2023 10:04:30 GMT
Content-Length: 816
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
18.200.4.16200 OK 4.5 kB URL User Request GET HTTP/2 IP 18.200.4.16:443
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (447), with CRLF, LF line terminators
Hash 478869364735b714a4394d5cda35ee1f
21500bfc55b4eab795ee7d2216dc21e376041603
b01bbd11f33757836fbbc23e2da8af45d6f7be55e897492473ec7a49fa14a33e
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=646de12e0001a361; Path=/; Expires=Sun, 23 Jul 2023 10:04:30 GMT; Secure; SameSite=None
unique_id2=646de12e0001ab36; Path=/; Expires=Tue, 22 Aug 2023 10:04:30 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Wed, 24 May 2023 10:04:30 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
www.imitrk13.com/js/pushjs/1.0.0/utils.js
18.200.4.16200 OK 3.9 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/utils.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type gzip compressed data, from Unix\012- data
Hash 07c6edf6e88351e5ebdb0c874676ba5f
2aa089064abd0f3c51676eb1ad14015bfbfd9d60
f2d7b73532cc823528f7122573d72ebbc1f45dbdbff4f277f6a6a871a0adb191
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646de12e0001a361; unique_id2=646de12e0001ab36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: application/javascript
expires: Wed, 31 May 2023 10:04:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash c02ea2eb31eb1af30ad378cddf6f94b5
f6190e85f669f8282ec9c4a36cf7f552c82f4989
e218cdd31cbdc6f9019a3ba5dbcd1451c74d4c9704bb0187b0b2dcc7481a4daa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/assets/css/reset.css
88.221.27.128302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/reset.css
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/reset.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
88.221.27.128404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/assets/css/style.css
88.221.27.128302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/style.css
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/style.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
88.221.27.128404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278174/1674550754/images/pic-man.png
88.221.27.128200 OK 38 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/images/pic-man.png
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 814 x 896, 8-bit colormap, non-interlaced\012- data
Hash 17e08579016eb684bf161ffaac47b22a
74c758c61f2bfa4a8a61ba07fd591b7d70a1343b
7fe7095dee01c817bf9d4e7e8c7d7a0227721c2cc2426c1601dbe51856fec734
GET /landings/278174/1674550754/images/pic-man.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 5sog3PeyIav3XIO0QG4ob5m3CcBk7r5NEHjCn1fUvuYbUZGZ853cRiM/l+WfgquJFN/xfntcPjA=
x-amz-request-id: EXT9N11RR53VZ6BG
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "17e08579016eb684bf161ffaac47b22a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 37784
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278174/1674550754/images/favicon.ico?t=20230524100430
88.221.27.128200 OK 1.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/images/favicon.ico?t=20230524100430
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3c292280ee9b4d7a15bf7b3a6673acf7
72fae9ef1e5a2c730fbcf586cb84b6ebecae6189
658e1996ba0e0e34a6e650d1d4b7463ca1e0793e9b7ccb3f424a0ccd4625c17b
GET /landings/278174/1674550754/images/favicon.ico?t=20230524100430 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: RXlV2ZgprwnB6Qfx/57/3coATDU8egJbC4SCzpFRd4LFiFGKz8LpRCKBxAe6YgxEE19/bSdwRRQ=
x-amz-request-id: K9T39SWFE49EHYP8
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "3c292280ee9b4d7a15bf7b3a6673acf7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 1150
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278174/1674550754/images/arrow.svg
88.221.27.128200 OK 5.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/images/arrow.svg
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (854)
Hash 349f207f561b8a5aaa030f17f7faa9d8
488f571a76a5ecff5a3f9ed85940feb0b29637a8
cbc3d1acb359e7a987ef29a89f62ee132f49318a3a328dfbd119a493fee8f167
GET /landings/278174/1674550754/images/arrow.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 0Rr0PkDNzLrBtIuwSn77/2Vrr7DG+8UjOSGZ5Fw8CmVOGbPzf64zMa1UEbVS+MJ4zYTlHk9gfL5l3lpTtHGtWg==
x-amz-request-id: 44EFR0VB5VF6SY0R
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "349f207f561b8a5aaa030f17f7faa9d8"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5162
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.35200 OK 10 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.35:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (35547)
Hash 0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:27 GMT
expires: Wed, 22 May 2024 21:40:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.35200 OK 8.6 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.35:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (25088)
Hash 9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:35 GMT
expires: Wed, 22 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 59576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/278174/1674550754/images/main-bg.png
88.221.27.128200 OK 355 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/images/main-bg.png
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 1920 x 1080, 4-bit colormap, non-interlaced\012- data
Size 355 kB (354682 bytes)
Hash baebaa2a4eda3de7ade641c5ae18c0a4
08bbdad58ce7715c5a09521161656f853ae182d0
c6399f73e14090a0addc73534a2d41d0c198747b5c2b562b988ecfdcb4e37a3d
GET /landings/278174/1674550754/images/main-bg.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 5zwzmTtbERJEHk9CqHOUD/HYLAJxzthGgJhYX/e1FSWSiaVNvu47+MN3lfuewe++ocsAcRUl9Fk=
x-amz-request-id: RMNE5Z4ZSKAH6V8Q
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "baebaa2a4eda3de7ade641c5ae18c0a4"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 354682
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
142.250.74.35200 OK 18 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
IP 142.250.74.35:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Hash cfdce67a2e07ba6cf05e0292d7f3f9b7
dcad1b9e50f8ef49ec4600fe88c68c165d9b7e61
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c
GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imitrk13.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 02:23:45 GMT
expires: Fri, 17 May 2024 02:23:45 GMT
cache-control: public, max-age=31536000
age: 546046
last-modified: Mon, 11 Jul 2022 21:02:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/landings/278174/1674550754/css/reset.css?1674550755
88.221.27.128200 OK 1.7 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278174/1674550754/css/reset.css?1674550755
IP 88.221.27.128:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with very long lines (2066), with no line terminators
Hash 19ed0936bf4314e383b24dc9e8436d2f
ca421b4070038d3922058fddffbd9d43588297fa
33ec02fc15caecbc141bedaa96611bb139a5933e1d9acf5acb4de3e4088111a3
GET /landings/278174/1674550754/css/reset.css?1674550755 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: up4DaCMUwfCeX/qwWAJUyDZm58oQYPxxVgLPlPbMk7DkDND0pr2CItqYvD6QAg4bLULLhtLCFC4=
x-amz-request-id: EAQW8BV5BP11Q74R
Last-Modified: Tue, 24 Jan 2023 08:59:17 GMT
ETag: "474f10b7230be35c0d196a74fc40ecbe"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 24 May 2023 10:04:30 GMT
Content-Length: 751
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
fonts.googleapis.com/css2?family=Inter:wght@600&display=swap
142.250.74.106200 OK 2.5 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@600&display=swap
IP 142.250.74.106:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (2537), with no line terminators
Hash 03e12c0ad4923973c517091ddca48ff0
70b5f072fddb55df3e87a1fb672f7a48b2e1fac4
a783749c6cac3ffbc4af3eccc221b931ae145dc92dbba16f43f007f704e3ab23
GET /css2?family=Inter:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 10:04:30 GMT
date: Wed, 24 May 2023 10:04:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
18.200.4.16200 OK 9.4 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Hash 84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646de12e0001a361; unique_id2=646de12e0001ab36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: application/javascript
expires: Wed, 31 May 2023 10:04:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2