Report - u.loveto.one/NC8B8q

Report Overview

Submitted URL
u.loveto.one/NC8B8q
IP
31.31.198.110
ASN
#197695 Domain names registrar REG.RU, Ltd
Submitted
2023-05-24 10:04:47
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-23	1.7 kB	3.5 kB	142.250.74.131
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-23	856 B	20 kB	142.250.74.35
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-23	554 B	18 kB	142.250.74.35
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-23	459 B	3.1 kB	142.250.74.106
u.loveto.one	unknown	2020-01-09	2022-06-07	2023-05-20	475 B	738 B	31.31.198.110
xwegm.imitrkn.net	unknown	2022-10-04	2023-02-08	2023-05-07	547 B	619 B	63.32.216.166
cdn-dimi.akamaized.net	unknown	2014-03-18	2022-07-07	2023-05-23	4.6 kB	405 kB	88.221.27.128
www.imitrk13.com	unknown	2022-09-22	2023-01-31	2023-05-22	1.5 kB	19 kB	18.200.4.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-24	medium	u.loveto.one/NC8B8q
2023-05-24	medium	www.imitrk13.com/
2023-05-24	medium	www.imitrk13.com/js/pushjs/1.0.0/utils.js
2023-05-24	medium	www.imitrk13.com/js/pushjs/1.0.0/subscriber.js

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.imitrk13.com/	2.0 kB	2023-05-24	2023-05-24
Pretty URL www.imitrk13.com/ IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 12:04:53 Last Seen2023-05-24 12:04:53 Times Seen1 Hash 8e077d2ab4764398df449b978915c68f 2017899ceeb05bcf1cba52f9ab5f61a99b148b3e 66422031ed6bdff158023309df48c70ac55f577ffe53bec51f0a0d3da064cf43 Loading...

	www.imitrk13.com/	3.1 kB	2023-05-24	2023-05-24
Pretty URL www.imitrk13.com/ IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 12:04:53 Last Seen2023-05-24 12:04:53 Times Seen1 Hash fa55875032ef0f31b7525e3cf9d8c6f8 020102f6603767f7caecf0494308af949f75800e 5c69d016bcebfec15b246b5bd9701b0998b58420ebb6a5b873a0efbcc7928aab Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js	2.3 kB	2023-05-05	2024-04-23
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/shims/firebase.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-23 12:46:48 Times Seen9696 Hash 32d439c9ec8c789e843ae58b6774681c deb2c661dacf46eb3a1eacbba3e430dcf10cc395 f65e83801e16f98e150ae8843afb4c98c0b3ac0fa7fbe5a5ec687b08119732d6 Loading...

	www.imitrk13.com/js/pushjs/1.0.0/utils.js	7.1 kB	2023-03-07	2024-04-21
Pretty URL www.imitrk13.com/js/pushjs/1.0.0/utils.js IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-21 23:30:57 Times Seen4796 Hash 711c7ecda710a342d24faef1dec76ede d1b38489603a2aecc2be5edb4fa4cd8d442fe727 41a5e34d6777a471d63211252ce51555815b728949dc81cec01414f4ffdb98eb Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js	36 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen11070 Hash 0cb7a0eb328ea70ab360f861314c8820 e3e20eb50dae36f4cbcef1890b1cc7878acb537a 4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9 Loading...

	www.gstatic.com/firebasejs/5.0.2/firebase-app.js	25 kB	2023-03-07	2024-04-21
Pretty URL www.gstatic.com/firebasejs/5.0.2/firebase-app.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:22 Last Seen2024-04-21 23:30:58 Times Seen10994 Hash 9164d0e8a317eceb870cca88c9683127 4617c910005f7100b4ff26a458a8b4463e33cdc6 15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931 Loading...

	www.imitrk13.com/	9.4 kB	2023-05-24	2023-05-24
Pretty URL www.imitrk13.com/ IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 12:04:53 Last Seen2023-05-24 12:04:53 Times Seen1 Hash 9d86f648fbd4cfba084863e210256347 fb8e16dcefb154327b9c2f39b90efea2fdce15b9 fcf0b0a49e01397dcfbada92c6a638c218737360eaf9c71e852e3df587dd762e Loading...

	www.imitrk13.com/	242 B	2023-05-24	2023-05-24
Pretty URL www.imitrk13.com/ IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-24 12:04:53 Last Seen2023-05-24 12:04:53 Times Seen1 Hash e6a0fcd31d0761b2adde888c16bcaade 8cee87499436f48841e837222372aa4b3bd39cca c48d26f60ba69e08d3026c82c078f82941d256d77531c324a4aa0e03cb5d5d30 Loading...

	www.imitrk13.com/js/pushjs/1.0.0/subscriber.js	9.4 kB	2023-05-23	2023-07-25
Pretty URL www.imitrk13.com/js/pushjs/1.0.0/subscriber.js IP 18.200.4.16 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-23 13:07:49 Last Seen2023-07-25 20:18:06 Times Seen1187 Hash 9a76092417bab7e2f25aac9bb01c6a91 07158fa1c2bd1f320b4401b1a535430afe66655a 788a5bacebaac190a447e071de8c171e7f8baa55be95df07621b24ea4fb667a2 Loading...

	www.imitrk13.com/sandbox%20eval%20code	123 B	2023-05-05	2024-04-23
Pretty URL www.imitrk13.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 23:38:25 Last Seen2024-04-23 12:46:47 Times Seen7415 Hash 239166f4d1bda569909c9af241098419 ad3987a93224de5c735c7c380daf5bfaecf60ac8 255566913e81e0587539abba68839777480779575271b734e817e7093f4dceec Loading...

HTTP Transactions (24)

URL IP Response Size

u.loveto.one/NC8B8q

31.31.198.110

302 Found

0 B

URL User Request GET HTTP/2
u.loveto.one/NC8B8q
IP
31.31.198.110:443
ASN
#197695 Domain names registrar REG.RU, Ltd

Certificate
IssuerLet's Encrypt
Subjectloveto.one
FingerprintDE:CA:41:48:C5:E1:16:B0:4C:BD:AA:0F:A2:97:AD:BA:63:33:BD:92
ValidityWed, 03 May 2023 02:44:07 GMT - Tue, 01 Aug 2023 02:44:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /NC8B8q HTTP/1.1
Host: u.loveto.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 24 May 2023 10:04:29 GMT
content-type: text/html; charset=utf-8
content-length: 0
x-powered-by: PHP/5.6.36
expires: Thu, 21 Jul 1977 07:30:00 GMT
cache-control: max-age=0
pragma: no-cache
set-cookie: 847ba=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjQ0NTFcIjoxNjg0OTIyNjY5fSxcImNhbXBhaWduc1wiOntcIjk4OFwiOjE2ODQ5MjI2Njl9LFwidGltZVwiOjE2ODQ5MjI2Njl9In0.WfHmy6zb9MWCD5cZgva2yiHOR_vH6UAjcmOM5tfQ5zo; expires=Sat, 24-Jun-2023 10:04:29 GMT; Max-Age=2678400; path=/; domain=.u.loveto.one
last-modified: Wed, 24 May 2023 10:04:29 GMT
location: https://xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch
X-Firefox-Spdy: h2

xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch

63.32.216.166

302 Found

47 B

URL User Request GET HTTP/2
xwegm.imitrkn.net/?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch
IP
63.32.216.166:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.imitrkn.net
Fingerprint0E:93:27:20:FF:C6:61:B8:05:32:78:CC:90:52:51:33:6A:FF:6D:6C
ValidityWed, 17 May 2023 00:30:48 GMT - Tue, 15 Aug 2023 00:30:47 GMT

File type
HTML document, ASCII text
Size
47 B (47 bytes)
Hash
70ce351b4e0fb3179c66d3c13286792d
521d3842914d13d0b9b96560de13ab793d7ae844
deb17edf2b88c355f649cd49ad76a08fbd4985c16f908baa392d62035417a82b

HTTP Headers

GET /?utm_source=49c369ac52b67f91&s1=27062&s2=152759&click_id=2i35301fac22o0ch HTTP/1.1
Host: xwegm.imitrkn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Wed, 24 May 2023 10:04:29 GMT
content-type: text/html; charset=utf-8
content-length: 47
location: https://www.imitrk13.com
set-cookie: unique_id=646de12d00069c7f; Path=/; Expires=Sun, 23 Jul 2023 10:04:29 GMT; Secure; SameSite=None
unique_id2=646de12d0006a331; Path=/; Expires=Tue, 22 Aug 2023 10:04:29 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Wed, 24 May 2023 10:04:29 GMT; Secure; SameSite=None
tid=sevji646de12d000063f5; Path=/; Expires=Thu, 27 Apr 2028 10:04:29 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755

88.221.27.128

200 OK

816 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with CRLF line terminators
Size
816 B (816 bytes)
Hash
7d64e365849620843bd06ba6696f8a52
26a4ab93251e88303f5882a40b4e82dbaf5a81b9
7e5518528581ceacd42f783448f1574c769e17c3b4e41bba5a2a45051bf08bd8

HTTP Headers

GET /landings/278174/1674550754/css/style.css?1674550755 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: rNHLgiI05jhtT25i5exCC89igntb9p/9v23pvwaoigw3Zg8ESbqUjyMVCfGjSM5z4oJWFlMrWpk=
x-amz-request-id: WX9NGPSEDR8E1TCJ
Last-Modified: Tue, 24 Jan 2023 08:59:17 GMT
ETag: "7d64e365849620843bd06ba6696f8a52"
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 24 May 2023 10:04:30 GMT
Content-Length: 816
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

www.imitrk13.com/

18.200.4.16

200 OK

4.5 kB

URL User Request GET HTTP/2
www.imitrk13.com/
IP
18.200.4.16:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (447), with CRLF, LF line terminators
Size
4.5 kB (4498 bytes)
Hash
478869364735b714a4394d5cda35ee1f
21500bfc55b4eab795ee7d2216dc21e376041603
b01bbd11f33757836fbbc23e2da8af45d6f7be55e897492473ec7a49fa14a33e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=646de12e0001a361; Path=/; Expires=Sun, 23 Jul 2023 10:04:30 GMT; Secure; SameSite=None
unique_id2=646de12e0001ab36; Path=/; Expires=Tue, 22 Aug 2023 10:04:30 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Wed, 24 May 2023 10:04:30 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2

www.imitrk13.com/js/pushjs/1.0.0/utils.js

18.200.4.16

200 OK

3.9 kB

URL GET HTTP/2
www.imitrk13.com/js/pushjs/1.0.0/utils.js
IP
18.200.4.16:443
ASN
#16509 AMAZON-02

Requested by
https://www.imitrk13.com/
Certificate
IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT

File type
gzip compressed data, from Unix\012- data
Size
3.9 kB (3859 bytes)
Hash
07c6edf6e88351e5ebdb0c874676ba5f
2aa089064abd0f3c51676eb1ad14015bfbfd9d60
f2d7b73532cc823528f7122573d72ebbc1f45dbdbff4f277f6a6a871a0adb191

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646de12e0001a361; unique_id2=646de12e0001ab36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: application/javascript
expires: Wed, 31 May 2023 10:04:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c02ea2eb31eb1af30ad378cddf6f94b5
f6190e85f669f8282ec9c4a36cf7f552c82f4989
e218cdd31cbdc6f9019a3ba5dbcd1451c74d4c9704bb0187b0b2dcc7481a4daa

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/assets/css/reset.css

88.221.27.128

302 Moved Temporarily

0 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/assets/css/reset.css
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/css/reset.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/404

88.221.27.128

404 Not Found

134 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/404
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/assets/css/style.css

88.221.27.128

302 Moved Temporarily

0 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/assets/css/style.css
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Wed, 24 May 2023 10:04:30 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/404

88.221.27.128

404 Not Found

134 B

URL GET HTTP/1.1
cdn-dimi.akamaized.net/404
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
134 B (134 bytes)
Hash
9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1

HTTP Headers

GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/278174/1674550754/images/pic-man.png

88.221.27.128

200 OK

38 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/images/pic-man.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 814 x 896, 8-bit colormap, non-interlaced\012- data
Size
38 kB (37784 bytes)
Hash
17e08579016eb684bf161ffaac47b22a
74c758c61f2bfa4a8a61ba07fd591b7d70a1343b
7fe7095dee01c817bf9d4e7e8c7d7a0227721c2cc2426c1601dbe51856fec734

HTTP Headers

GET /landings/278174/1674550754/images/pic-man.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5sog3PeyIav3XIO0QG4ob5m3CcBk7r5NEHjCn1fUvuYbUZGZ853cRiM/l+WfgquJFN/xfntcPjA=
x-amz-request-id: EXT9N11RR53VZ6BG
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "17e08579016eb684bf161ffaac47b22a"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 37784
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/278174/1674550754/images/favicon.ico?t=20230524100430

88.221.27.128

200 OK

1.2 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/images/favicon.ico?t=20230524100430
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
1.2 kB (1150 bytes)
Hash
3c292280ee9b4d7a15bf7b3a6673acf7
72fae9ef1e5a2c730fbcf586cb84b6ebecae6189
658e1996ba0e0e34a6e650d1d4b7463ca1e0793e9b7ccb3f424a0ccd4625c17b

HTTP Headers

GET /landings/278174/1674550754/images/favicon.ico?t=20230524100430 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: RXlV2ZgprwnB6Qfx/57/3coATDU8egJbC4SCzpFRd4LFiFGKz8LpRCKBxAe6YgxEE19/bSdwRRQ=
x-amz-request-id: K9T39SWFE49EHYP8
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "3c292280ee9b4d7a15bf7b3a6673acf7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 1150
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

cdn-dimi.akamaized.net/landings/278174/1674550754/images/arrow.svg

88.221.27.128

200 OK

5.2 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/images/arrow.svg
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (854)
Size
5.2 kB (5162 bytes)
Hash
349f207f561b8a5aaa030f17f7faa9d8
488f571a76a5ecff5a3f9ed85940feb0b29637a8
cbc3d1acb359e7a987ef29a89f62ee132f49318a3a328dfbd119a493fee8f167

HTTP Headers

GET /landings/278174/1674550754/images/arrow.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 0Rr0PkDNzLrBtIuwSn77/2Vrr7DG+8UjOSGZ5Fw8CmVOGbPzf64zMa1UEbVS+MJ4zYTlHk9gfL5l3lpTtHGtWg==
x-amz-request-id: 44EFR0VB5VF6SY0R
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "349f207f561b8a5aaa030f17f7faa9d8"
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5162
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js

142.250.74.35

200 OK

10 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.imitrk13.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (35547)
Size
10 kB (10017 bytes)
Hash
0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9

HTTP Headers

GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:27 GMT
expires: Wed, 22 May 2024 21:40:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 44644
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/firebasejs/5.0.2/firebase-app.js

142.250.74.35

200 OK

8.6 kB

URL GET HTTP/2
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.imitrk13.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (25088)
Size
8.6 kB (8604 bytes)
Hash
9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931

HTTP Headers

GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:35 GMT
expires: Wed, 22 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 59576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn-dimi.akamaized.net/landings/278174/1674550754/images/main-bg.png

88.221.27.128

200 OK

355 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/images/main-bg.png
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
PNG image data, 1920 x 1080, 4-bit colormap, non-interlaced\012- data
Size
355 kB (354682 bytes)
Hash
baebaa2a4eda3de7ade641c5ae18c0a4
08bbdad58ce7715c5a09521161656f853ae182d0
c6399f73e14090a0addc73534a2d41d0c198747b5c2b562b988ecfdcb4e37a3d

HTTP Headers

GET /landings/278174/1674550754/images/main-bg.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278174/1674550754/css/style.css?1674550755
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: 5zwzmTtbERJEHk9CqHOUD/HYLAJxzthGgJhYX/e1FSWSiaVNvu47+MN3lfuewe++ocsAcRUl9Fk=
x-amz-request-id: RMNE5Z4ZSKAH6V8Q
Last-Modified: Tue, 24 Jan 2023 08:59:16 GMT
ETag: "baebaa2a4eda3de7ade641c5ae18c0a4"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 354682
Date: Wed, 24 May 2023 10:04:31 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2

142.250.74.35

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.imitrk13.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Size
18 kB (17660 bytes)
Hash
cfdce67a2e07ba6cf05e0292d7f3f9b7
dcad1b9e50f8ef49ec4600fe88c68c165d9b7e61
048d136d592e66896cccc1fe4fada4feb16b7f6af671cd49a2fe6ed6b2276c6c

HTTP Headers

GET /s/inter/v12/UcCO3FwrK3iLTeHuS_fvQtMwCp50KnMw2boKoduKmMEVuGKYAZ9hiA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imitrk13.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 02:23:45 GMT
expires: Fri, 17 May 2024 02:23:45 GMT
cache-control: public, max-age=31536000
age: 546046
last-modified: Mon, 11 Jul 2022 21:02:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0e2a51fc0a704370c246690b8e25c332
28b056e0210c4e5139982c887bbd5b416a7c888e
639b72f46177c45cf6faed4c59c70f988ba038216aceeb1a9734de3364da854d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 24 May 2023 10:04:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn-dimi.akamaized.net/landings/278174/1674550754/css/reset.css?1674550755

88.221.27.128

200 OK

1.7 kB

URL GET HTTP/1.1
cdn-dimi.akamaized.net/landings/278174/1674550754/css/reset.css?1674550755
IP
88.221.27.128:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.imitrk13.com/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT

File type
ASCII text, with very long lines (2066), with no line terminators
Size
1.7 kB (1730 bytes)
Hash
19ed0936bf4314e383b24dc9e8436d2f
ca421b4070038d3922058fddffbd9d43588297fa
33ec02fc15caecbc141bedaa96611bb139a5933e1d9acf5acb4de3e4088111a3

HTTP Headers

GET /landings/278174/1674550754/css/reset.css?1674550755 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
x-amz-id-2: up4DaCMUwfCeX/qwWAJUyDZm58oQYPxxVgLPlPbMk7DkDND0pr2CItqYvD6QAg4bLULLhtLCFC4=
x-amz-request-id: EAQW8BV5BP11Q74R
Last-Modified: Tue, 24 Jan 2023 08:59:17 GMT
ETag: "474f10b7230be35c0d196a74fc40ecbe"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 24 May 2023 10:04:30 GMT
Content-Length: 751
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

fonts.googleapis.com/css2?family=Inter:wght@600&display=swap

142.250.74.106

200 OK

2.5 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@600&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.imitrk13.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (2537), with no line terminators
Size
2.5 kB (2474 bytes)
Hash
03e12c0ad4923973c517091ddca48ff0
70b5f072fddb55df3e87a1fb672f7a48b2e1fac4
a783749c6cac3ffbc4af3eccc221b931ae145dc92dbba16f43f007f704e3ab23

HTTP Headers

GET /css2?family=Inter:wght@600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 24 May 2023 10:04:30 GMT
date: Wed, 24 May 2023 10:04:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.imitrk13.com/js/pushjs/1.0.0/subscriber.js

18.200.4.16

200 OK

9.4 kB

URL GET HTTP/2
www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
IP
18.200.4.16:443
ASN
#16509 AMAZON-02

Requested by
https://www.imitrk13.com/
Certificate
IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT

File type
C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Size
9.4 kB (9389 bytes)
Hash
84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646de12e0001a361; unique_id2=646de12e0001ab36
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 24 May 2023 10:04:30 GMT
content-type: application/javascript
expires: Wed, 31 May 2023 10:04:30 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML