firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 21:08:54 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ky9eIj5HqBS3lOflm4XxgLKwbsD5--jLzxJMoknkfvmDWfonIOOHMQ==
Age: 1435
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3118
Expires: Tue, 13 Sep 2022 22:24:47 GMT
Date: Tue, 13 Sep 2022 21:32:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mDEFKdSJWkpLRtqPGj7nntNvnhf2Z8hc5N7tKk2FXogd2-WLUvj3ZA==
age: 61055
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 21:32:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 21:03:22 GMT
Expires: Tue, 13 Sep 2022 21:52:29 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JxiFLfb3dP9rVQ1htzYYxfkk3TSc7nBtrq629m8guGr21KkABgul4Q==
Age: 1768
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5165
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 21:32:50 GMT
Last-Modified: Tue, 13 Sep 2022 20:06:45 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
66.84.6.23 206 Partial Content 118 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
IP 66.84.6.23:0
File type ASCII text, with very long lines (40295)
Size 118 kB (118408 bytes)
Hash 4b8c36337c0e98998b2904c43706fef4
b762c3b2aa1df94d47a4f5831a3ff40b5cb12586
ee2dc222d34fcb542a53d5561465006e427a2e3691c338ae93d6b5c96fcc3788
Analyzer / Verdict / Alert
openphish — Fifth Third Bank
fortinet — Phishing
GET /aa45/W/brand/heros/promos/data/index.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Range: bytes=7947-
If-Range: Sun, 13 Feb 2022 00:52:34 GMT
HTTP/1.1 206 Partial Content
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 00:52:34 GMT
Accept-Ranges: bytes
Content-Length: 118408
Content-Range: bytes 7947-126354/126355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
66.84.6.23 200 OK 7.4 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
IP 66.84.6.23:0
Hash f4835b1a5a84a7efe1a0675f06e3d5c0
7527362f3a153336c55376cb1d83efc137d1859b
898d84952b101ee096a356f84aec3e39943d3412a49185362db753ff1e3b8083
GET /aa45/W/brand/heros/promos/data/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:30 GMT
Accept-Ranges: bytes
Content-Length: 7436
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.techmeback.com/aa45/W/design/icons/logo/data/style.css
66.84.6.23 200 OK 414 B URL HTTP/1.1 www.techmeback.com/aa45/W/design/icons/logo/data/style.css
IP 66.84.6.23:0
File type ASCII text, with CRLF line terminators
Hash f9653fbeecf34b04791fee59eb3e253b
fcbbad7c6616682a22a9d0de09d715c61cb17722
7924e7e8b95825e4cefbfc31444ea9247e1b0d04cb066b56f06addf9cc7c5eaf
GET /aa45/W/design/icons/logo/data/style.css HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Tue, 16 Nov 2021 19:01:14 GMT
Accept-Ranges: bytes
Content-Length: 414
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.24.14 200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techmeback.com
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6148017
expires: Sun, 03 Sep 2023 21:32:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Z6TiUnvAMooPoZbAm6eocqj7jjYgoiqN5GYmQc%2B5u2dVP7a6LDEC53r6t2FBHWOKYIkSbeDBXjrOKcnV5%2Bhav0BflcJWOAFcxf4tiREtYbyUl9TYCAWvfHOvlgFtaH8lryWQs56"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a3ff7259b20b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.24.14 200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.24.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1819956
expires: Sun, 03 Sep 2023 21:32:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QQOgRy5c%2BlK6PXYpZS%2FETetpaKL%2FtsgGm3B7AkjpgBrXgLEjKcOp0a2ks73kgs7k3%2F1vQ6tPjV6xRpLFPnjWLazeHxISwl0p4fqBNiEy%2FotM9JMN9555sM7u7HHWUCZ3oCHoTKD9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74a3ff726e5fb50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.42 200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techmeback.com
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:50 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663104770.dop230.sk1.t,1663104770.cds247.sk1.hn,1663104770.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.42 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:50 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663104770.dop068.sk1.t,1663104770.cds229.sk1.hn,1663104770.cds222.sk1.c
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.81.125.88 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
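Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of an empty input, consistent with the 0 B body of the 101 response; they match any empty response and are not usable as indicators.)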
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 95+VfdKN4BR6x9S2931kbw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rmV9Rt41hjhO15Fw63VuvvwW74Y=
www.techmeback.com/aa45/W/brand/heros/promos/data/cms.js
66.84.6.23 200 OK 25 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/cms.js
IP 66.84.6.23:0
Hash 985a32af4e9205745e1cfc4833047118
7c003debef1611b3b00afc85d92d22d650674e6d
9604dbabba22c1d2ef244a1b76ec794b0fdb510dcfe6b6b7fee3b300e4e25e65
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/cms.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:38 GMT
Accept-Ranges: bytes
Content-Length: 25166
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/ba-hashchange.min.js
66.84.6.23 200 OK 2.6 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/ba-hashchange.min.js
IP 66.84.6.23:0
File type HTML document, ASCII text, with very long lines (1025)
Hash 26b8863002342ed3ee47d32548bd9e51
3930af5340bbac1635996b5c8d74a9d83f18b12a
506ff5c4d37c218c9e2581ae7e7bd9bb94e1fbb2a3d7b5584f332966fa003981
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/ba-hashchange.min.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 2551
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/autocomplete.js
66.84.6.23 200 OK 16 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/autocomplete.js
IP 66.84.6.23:0
Hash 791cc46078e06e92e836b46b215fb4d1
2c68f251eead7c527b056eec8983154019f9f156
2f6a2708bb08039d7670a428ddc421f27ed1d6e2fdca03c59001f56f4791e07a
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/autocomplete.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 16415
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/hogan-3.0.1.js
66.84.6.23 200 OK 21 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/hogan-3.0.1.js
IP 66.84.6.23:0
Hash 2778e85fe05366ea117629b8b7b2c386
055307e9c149f201fef14308ff4396d5dbf7648a
8852250970301a870d0a14722a7fda66b2a74bbb65bf2b7b3fe80dc8d8434ee6
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/hogan-3.0.1.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:38 GMT
Accept-Ranges: bytes
Content-Length: 20571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/moveScripts.js
66.84.6.23 200 OK 750 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/moveScripts.js
IP 66.84.6.23:0
Hash e8ba7989cfde9557dd1b554a7eec1ce9
d6f7c327766925ce2cccde5a7e9aa29c28540f33
1777f023a61ea16a4888e9baa951d81736426c5b880fca946f9d37d0eb2cffae
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/moveScripts.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 750
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/jquery.min.js
66.84.6.23 200 OK 87 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/jquery.min.js
IP 66.84.6.23:0
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/jquery.min.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:38 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/slick.min.js
66.84.6.23 200 OK 43 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/slick.min.js
IP 66.84.6.23:0
File type ASCII text, with very long lines (42862)
Hash d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/slick.min.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 42863
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/search.css
66.84.6.23 200 OK 3.0 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/search.css
IP 66.84.6.23:0
Hash 396f68ae3a479c8064061c65deb009bd
0b2103ddd6fe0f3f4bccf0440446ef26474614d2
d8f31d35029afd740d78227a50d3e2120c53aaea0ba50e654dd1598c9d385a44
GET /aa45/W/brand/heros/promos/data/search.css HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 3026
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.techmeback.com/aa45/W/brand/heros/promos/data/js/actions.js
66.84.6.23 404 Not Found 315 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/js/actions.js
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/js/actions.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.techmeback.com/aa45/W/brand/heros/promos/data/css.css
66.84.6.23 200 OK 12 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/css.css
IP 66.84.6.23:0
Hash 0a90ec650895680d385f6d7fed5c4cc5
6481ebce0d8d082173f7d744b871c2e5170209d5
13f3dcc68879eccc3e64115973cdb293b1c0784d94014832dd5b11f9d9bd5a50
GET /aa45/W/brand/heros/promos/data/css.css HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:30 GMT
Accept-Ranges: bytes
Content-Length: 12367
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-style.ff038509f95078f0bd96ef290d908123.css
66.84.6.23 200 OK 239 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-style.ff038509f95078f0bd96ef290d908123.css
IP 66.84.6.23:0
Size 239 kB (238571 bytes)
Hash be4985081be0c29539ecfe159096bbbe
61643e5498ed3c9e6e6c6296b95717ce1290bfb8
7f1ce57939554e391121a6609353dee432c20ae02492f85cd68454a1e6456734
GET /aa45/W/brand/heros/promos/data/clientlib-style.ff038509f95078f0bd96ef290d908123.css HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 238571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.techmeback.com/aa45/W/brand/heros/promos/data/patternlab.js
66.84.6.23 200 OK 411 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/patternlab.js
IP 66.84.6.23:0
File type ASCII text, with very long lines (11620)
Size 411 kB (411138 bytes)
Hash 62ee304fe2af257b7c159e4d339cf68b
5b8e5915acf302243cadaa13015717415f37cab6
61c857f49daf5027a73cc384e5e75d01e0b9123a7e77792ab282026f451f6ed9
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/patternlab.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 411138
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/logo.svg
66.84.6.23 200 OK 4.9 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/logo.svg
IP 66.84.6.23:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9f2349c5301e7295483e485e7fa98131
3764d6d3bced36d04ad0cb85b915f1094fba64a1
617518a4c1f153f1cbcb09ac14a8b3f4be01fb80dd86159b6b02bbee52622ed3
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/logo.svg HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:38 GMT
Accept-Ranges: bytes
Content-Length: 4875
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/svg+xml
www.techmeback.com/aa45/W/brand/heros/promos/data/equal_housing_logo.png
66.84.6.23 200 OK 2.8 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/equal_housing_logo.png
IP 66.84.6.23:0
File type PNG image data, 18 x 15, 8-bit colormap, non-interlaced\012- data
Hash ba4bacebf5dffb84ec9fd4dfb1108a73
e4fb3286c17cb7bc8d9f50d9de6a492996e9bd80
c9874fdc3addc2b1da577088ec110c30e79e6afd4e89a20ac6ecff47cf1b3f45
GET /aa45/W/brand/heros/promos/data/equal_housing_logo.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:30 GMT
Accept-Ranges: bytes
Content-Length: 2758
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
66.84.6.23 200 OK 17 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 66.84.6.23:0
File type Web Open Font Format (Version 2), TrueType, length 16692, version 1.0\012- data
Hash d65113b6da7ba4bd0a59dbda5a7e24d4
929ecf3ad6ab03123a7bad0609b4b8ba1623d4e8
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 16692
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: font/woff2
www.techmeback.com/aa45/W/design/icons/logo/data/loading.gif
66.84.6.23 200 OK 39 kB URL HTTP/1.1 www.techmeback.com/aa45/W/design/icons/logo/data/loading.gif
IP 66.84.6.23:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash d10ef01e81faa2c2d812bdf670b4e072
77d09a57b2091fd7665dff763a5eab23e0ff907e
5e3d5246b17e19e65385092db07554d8e1c5c4a226a6d7f97824b8e1e8571e34
GET /aa45/W/design/icons/logo/data/loading.gif HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2018 17:03:52 GMT
Accept-Ranges: bytes
Content-Length: 38636
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
66.84.6.23 200 OK 17 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
IP 66.84.6.23:0
File type Web Open Font Format (Version 2), TrueType, length 16712, version 1.0\012- data
Hash 1f577b061e6e464e2c949faee6518469
8acf6682f8050be9b4c7fb3e85138971d6fae51c
578ea33c3a1daec87277cd626647c55f3e0abd72c0673cde0fe40d4fb8fd5579
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 16712
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
www.techmeback.com/aa45/W/brand/heros/promos/data/icomoon.woff
66.84.6.23 200 OK 32 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/icomoon.woff
IP 66.84.6.23:0
File type Web Open Font Format, TrueType, length 31620, version 1.0\012- data
Hash a55db942b961e6a7cf7c70dfbca91616
15c5f647c3a9495e0dfcc316311191ce54b409ee
1539ec89c49a493f983dbde0e0c35c310eaaa74f91aa316eac33e942285bed2c
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/icomoon.woff HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/clientlib-fonts.5a90d7c52d8174778542efb1494fd065.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 31620
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff
www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
66.84.6.23 200 OK 16 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
IP 66.84.6.23:0
File type Web Open Font Format (Version 2), TrueType, length 16408, version 1.0\012- data
Hash 875ba54801f7cf83ea70abf613fab665
a747343db86c1ba5d10d6cb1814fd6ac6db42b65
a61d67250a5c36640e22099937af31613e68d6134439d5d4329efea0372aea79
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/css.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 16408
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
www.techmeback.com/aa45/W/brand/heros/promos/data/index_4.html
66.84.6.23 200 OK 72 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_4.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63664)
Hash baeb23186239bef783966ccdd3290084
239f6be85abc4ad85bdde8ee4ac2a43a5bded542
2844522f60fb1cb46a8991a78c4e2b84a234183ee827ab33c82fe0ac13bf2fde
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_4.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:40 GMT
Accept-Ranges: bytes
Content-Length: 72505
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_6.html
66.84.6.23 200 OK 7.1 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_6.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ba51569816537206cd7a2cc66d7d78f8
2494d5ae19af9e1618566522663ba52b79869a86
a3cfc0ded3619bd3f14edea4b64eca880178443ea8a55f4f9cd4cd9954c48590
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_6.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:42 GMT
Accept-Ranges: bytes
Content-Length: 7056
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_9.html
66.84.6.23 200 OK 132 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_9.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash c783f212f097b1702337cec9477d651b
1b04b0d9adbf5f1debd93a03f20e84b8432d765a
1dba440a1b820bbae5fd8ad7fa9cfb532ef44ff4fc72b11cd202e6dd61c32261
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_9.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:44 GMT
Accept-Ranges: bytes
Content-Length: 132
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_1.html
66.84.6.23 200 OK 201 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_1.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash accffc389519d78f05c94892222f092e
5f957871f50031c238dbc92e56c69469781d5fa9
fcaa07a7179caba2296eb8ea54a865e7ba25dbde43a391ac7ac53d08614cba16
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_1.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 201
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/js/actions.js
66.84.6.23 404 Not Found 315 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/js/actions.js
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/js/actions.js HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
www.techmeback.com/aa45/W/brand/heros/promos/data/index_10.html
66.84.6.23 200 OK 132 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_10.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash c783f212f097b1702337cec9477d651b
1b04b0d9adbf5f1debd93a03f20e84b8432d765a
1dba440a1b820bbae5fd8ad7fa9cfb532ef44ff4fc72b11cd202e6dd61c32261
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_10.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:44 GMT
Accept-Ranges: bytes
Content-Length: 132
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_11.html
66.84.6.23 200 OK 132 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_11.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash c783f212f097b1702337cec9477d651b
1b04b0d9adbf5f1debd93a03f20e84b8432d765a
1dba440a1b820bbae5fd8ad7fa9cfb532ef44ff4fc72b11cd202e6dd61c32261
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_11.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:44 GMT
Accept-Ranges: bytes
Content-Length: 132
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
66.84.6.23 200 OK 2.9 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (2853), with no line terminators
Hash e9537b54b05183cfa3f5ff862f2c7270
ad6c30b4dc9266afffae2783bf27097ba3defb04
7ed3c1fec0bd7b4175f51746fffee036d42a44bcd403ec53ea6bb84e6f152384
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_2.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 2853
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html
platform.twitter.com/widgets.js
93.184.220.66 200 OK 29 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
File type Unicode text, UTF-8 text, with very long lines (33915)
Hash 0ccf02d52b75b85c65aa5460aa24aebf
50d1a19cb9ebbd6d42173ce2d963ea4df29e8e5a
d13778acf057777bad23fd020088463d65d2b7baff042cd4529d27faa46daf38
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 814
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Tue, 13 Sep 2022 21:32:51 GMT
Etag: "f116c7e6b28e2aebeb60ade5bdc8e2b4+gzip"
Last-Modified: Wed, 31 Aug 2022 20:41:50 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71A)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29220
platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.techmeback.com
93.184.220.66 200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.techmeback.com
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56168)
Size 105 kB (105445 bytes)
Hash aa228863765c3263e12f1d7c71015518
619739a12e0f16eab26a43a913b35779edea57a6
cf9a241903646ee9b88b76da2bb3e11d16f36246f7bbc53bbe2c98466e5ea12a
GET /widgets/widget_iframe.c4bdc17e77719578b594d5555bee90db.html?origin=https%3A%2F%2Fwww.techmeback.com HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1126180
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 13 Sep 2022 21:32:51 GMT
Etag: "50d73c0b4a4c7e4697b9c6ac6f1ecd75+gzip"
Last-Modified: Wed, 31 Aug 2022 20:40:57 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F706)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105445
www.techmeback.com/aa45/W/brand/heros/promos/data/android-chrome-192x192.png
66.84.6.23 200 OK 12 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/android-chrome-192x192.png
IP 66.84.6.23:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 6196296d6da29c45fa85682fff153ecf
3d20183ede291a0f86f7a0a7d7fb81efa8b06c01
c84fa4b619a90081150350106c4d17279b260f7b0dc6ceea709ec8488cc34466
GET /aa45/W/brand/heros/promos/data/android-chrome-192x192.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:30 GMT
Accept-Ranges: bytes
Content-Length: 12219
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/favicon-16x16.png
66.84.6.23 200 OK 1.1 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/favicon-16x16.png
IP 66.84.6.23:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash d78dff827d07973f71be81870d61fbe5
0988755c34c40f7594926eae9c1e039ebffff95c
d7df254755e9212bf50242a91039e2c2e1485000ffd795a8a3e52c21522c4a6b
GET /aa45/W/brand/heros/promos/data/favicon-16x16.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:30 GMT
Accept-Ranges: bytes
Content-Length: 1062
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-1
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-1
IP 66.84.6.23:0
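Hash d41d8cd98f00b204e9800998ecf8427e (MD5 of zero-length input; the two digests below are likewise the SHA-1 and SHA-256 of zero-length input, consistent with the 0 B body, so they identify no specific file)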
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-1 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/EYEKddsqqBZakkij
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/EYEKddsqqBZakkij
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/EYEKddsqqBZakkij HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-2
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-2
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-2 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207 200 OK 14 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (50395)
Hash 8b797dc974318e8fde63ab9f737ae4f4
a5e9da3f0b1b411ac6694056d7a4d5c8eca6ff8d
a38861239a85cab1a03d7ca4b6be2b2b21526ab44664532bb7167bfd9cb77eb4
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techmeback.com
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/20/2022 03:07:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 1d5310e04892ee34b19b5bcbd2be0f47
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74a3ff726cf10b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-4
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-4
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/a_zfwN1bP0ip0OVZ-4 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash a39e79d24d7182f6fb5e49e8d01fd905
0f02272895e755f837603996297c787b96dd514b
bb996b097ea590c4ae86ccb5074c10b51568d29e6a5a8c6ea11be23924a2ffbc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 21:32:52 GMT
Last-Modified: Tue, 13 Sep 2022 20:42:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-1
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-1
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-1 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash a39e79d24d7182f6fb5e49e8d01fd905
0f02272895e755f837603996297c787b96dd514b
bb996b097ea590c4ae86ccb5074c10b51568d29e6a5a8c6ea11be23924a2ffbc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3021
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 21:32:52 GMT
Last-Modified: Tue, 13 Sep 2022 20:42:31 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 312
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-2
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-2
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-2 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 21:32:52 GMT
Connection: keep-alive
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-3
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-3
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-3 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 21:32:52 GMT
Connection: keep-alive
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-4
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-4
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-4 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 21:32:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bTzXQvDkX23_t4vLJNWv7bg-DoRsdqiBhwNJH5B-RcXxj9RC-87LvA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:41:52 GMT
age: 85860
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3156
Expires: Tue, 13 Sep 2022 22:25:28 GMT
Date: Tue, 13 Sep 2022 21:32:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76 200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:41 GMT
age: 85031
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-5
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-5
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-5 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 43wWNADffkA0e8T-SYvAMjp266nAE5hrDjNMQQsuYeT0i6xQt7wLVg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:55:34 GMT
age: 85038
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 019416755742a78ddf35671ba5eaccc7
ec2e96359ef3a236514cab21af80ea5b9420e9c3
a6b0e0ec56c2ce2f94dae8032e0deb297236c35f7a8928a14a254e3fdb2a255a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F898fa8c6-1f06-4fa4-88d0-333a32c1a7a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10245
x-amzn-requestid: 20d58a44-c942-46a8-9136-a824d775275c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YLNZPFsjoAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631ac2a1-24d2272a61fd0f39088251b4;Sampled=0
x-amzn-remapped-date: Fri, 09 Sep 2022 04:35:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2E2yaVqFHLXdfuJns8hs9DNomHNQWVNVSeZSCMdD2W7bGMMgA0QoZQ==
via: 1.1 024f97192fe648974da2251fbcc71f38.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:17:59 GMT
age: 83693
etag: "ec2e96359ef3a236514cab21af80ea5b9420e9c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 03:17:04 GMT
age: 65748
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-6
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-6
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-6 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-7
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-7
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-7 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 84933
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-8
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-8
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-8 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
syndication.twitter.com/settings?session_id=77377b01ca909c782886d53b29a53bc55d4563df
104.244.42.200 200 OK 315 B URL HTTP/2 syndication.twitter.com/settings?session_id=77377b01ca909c782886d53b29a53bc55d4563df
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (724), with no line terminators
Hash 337895171bedda99072b721c70846968
b4d7f3bd6ecef71c0733dc21723344cb94e6a45f
798f4be409e38ca283cc33755def17dfabcaeae8b90b252bda96b5eea19e4eaa
GET /settings?session_id=77377b01ca909c782886d53b29a53bc55d4563df HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 21:32:51 GMT
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Tue, 13 Sep 2022 21:32:52 GMT
content-length: 315
content-encoding: gzip
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 109
x-connection-hash: 0658bb902bc5b97cda45ccbf0046b6d9a3f9654e70f93e9d29312c4b0ec15977
X-Firefox-Spdy: h2
www.techmeback.com/aa45/W/brand/heros/promos/data/index_5.html
66.84.6.23 200 OK 315 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_5.html
IP 66.84.6.23:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 337895171bedda99072b721c70846968
b4d7f3bd6ecef71c0733dc21723344cb94e6a45f
798f4be409e38ca283cc33755def17dfabcaeae8b90b252bda96b5eea19e4eaa
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_5.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:51 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:42 GMT
Accept-Ranges: bytes
Content-Length: 327350
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-9
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-9
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-9 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-10
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-10
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-10 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-11
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-11
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/doG5xDTStLNaQmhF-11 HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/xYaHD5a0ZRwwivgP.png
66.84.6.23 200 OK 81 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/xYaHD5a0ZRwwivgP.png
IP 66.84.6.23:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /aa45/W/brand/heros/promos/data/xYaHD5a0ZRwwivgP.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 81
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/LUwmIQnK46O_ojUT.png
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/LUwmIQnK46O_ojUT.png
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /aa45/W/brand/heros/promos/data/LUwmIQnK46O_ojUT.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:32 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/_7y6WAdL-kh_6HVV.png
66.84.6.23 200 OK 81 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/_7y6WAdL-kh_6HVV.png
IP 66.84.6.23:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /aa45/W/brand/heros/promos/data/_7y6WAdL-kh_6HVV.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 81
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/B4cCG2ctRgOU0G3R.png
66.84.6.23 200 OK 81 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/B4cCG2ctRgOU0G3R.png
IP 66.84.6.23:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /aa45/W/brand/heros/promos/data/B4cCG2ctRgOU0G3R.png HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 81
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png
www.techmeback.com/aa45/W/brand/heros/promos/data/0v_ElV0bKl0rjeCA
66.84.6.23 200 OK 537 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/0v_ElV0bKl0rjeCA
IP 66.84.6.23:0
File type ASCII text, with very long lines (15031)
Size 537 kB (536729 bytes)
Hash 70b5b1221a6dfd7042d4fac237a4f404
4650fae9538623177072a3a65fb97167ec6d71de
3644241a7f86e60dd39dcbc73dd6f8ea520edde0c0e242ee78b2d0911450cb20
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/0v_ElV0bKl0rjeCA HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 536729
Keep-Alive: timeout=5, max=87
Connection: Keep-Alive
www.techmeback.com/aa45/W/brand/heros/promos/data/index_8.html
66.84.6.23 200 OK 86 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_8.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (15031)
Hash ff1101a44a8cdcbfb01c3e8216a9db58
5591360a4a5ae0dbc11bff1e62857e64ca6d39c6
597af146e1a2102afc2fffd9c7313fcccae6d04d0b8353dbc81d434dc4836b5c
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_8.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:44 GMT
Accept-Ranges: bytes
Content-Length: 85695
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_7.html
66.84.6.23 200 OK 86 kB URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_7.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (15031)
Hash 931df29797eaeffe55e7d948a085d004
e770e34e76e180415cf2f8125309f626c4dd342a
ff241883c3dd1317a2b7d253b7bd4704490e4be08837db3ee4be560c700e210e
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_7.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:44 GMT
Accept-Ranges: bytes
Content-Length: 86089
Keep-Alive: timeout=5, max=86
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/index_3.html
66.84.6.23 200 OK 97 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index_3.html
IP 66.84.6.23:0
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 948c3b0b89a440438cb10c44dfb25fba
e4d35e5e283c4cfea043a022a3b06f0e85d231eb
3de2c358acd98dd93f54af55a7d89ae64cca5757d76fb95ae74db8bd63389bdd
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/index_3.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_2.html
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:34 GMT
Accept-Ranges: bytes
Content-Length: 97
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html
www.techmeback.com/aa45/W/brand/heros/promos/data/VRY3aXuSh7uegg8k
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/VRY3aXuSh7uegg8k
IP 66.84.6.23:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /aa45/W/brand/heros/promos/data/VRY3aXuSh7uegg8k HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/aa45/W/brand/heros/promos/data/index_7.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:52 GMT
Server: Apache
Last-Modified: Sat, 12 Feb 2022 22:03:36 GMT
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=85
Connection: Keep-Alive
ocsp.entrust.net/
23.13.44.131 200 OK 1.6 kB IP 23.13.44.131:0
Hash 30bf3fd137507badd75543145e830143
6c0d250ea47f86717c646e82259fc691b96e2c57
f88be93ba696cadef82fe00384535fd881a03abe2247c59d3bbd9ef308847413
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F88BE93BA696CADEF82FE00384535FD881A03ABE2247C59D3BBD9EF308847413"
Last-Modified: Tue, 13 Sep 2022 13:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=3600
Expires: Tue, 13 Sep 2022 22:32:53 GMT
Date: Tue, 13 Sep 2022 21:32:53 GMT
Connection: keep-alive
event.evtm.53.com/VRY3aXuSh7uegg8k?f7fd32b904950aa9=12BDXxCCuHv3bIfmPVKCEr9SagB2SfdkBPzges2onIY9d0oTC0E65mbbHDO5IR-Z3xgPtC3V7mKpg6oN6XplsVO98QPRNYSCr7XUIDWa9bBWDLwd2F224JOfzZkqmTVuh9xvszTwnczeQDFWYRtw1Ms0M_g&jf=3336246e71603d34383367636039323936363b3c6166636938346337643f663934376e32383760
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/VRY3aXuSh7uegg8k?f7fd32b904950aa9=12BDXxCCuHv3bIfmPVKCEr9SagB2SfdkBPzges2onIY9d0oTC0E65mbbHDO5IR-Z3xgPtC3V7mKpg6oN6XplsVO98QPRNYSCr7XUIDWa9bBWDLwd2F224JOfzZkqmTVuh9xvszTwnczeQDFWYRtw1Ms0M_g&jf=3336246e71603d34383367636039323936363b3c6166636938346337643f663934376e32383760
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /VRY3aXuSh7uegg8k?f7fd32b904950aa9=12BDXxCCuHv3bIfmPVKCEr9SagB2SfdkBPzges2onIY9d0oTC0E65mbbHDO5IR-Z3xgPtC3V7mKpg6oN6XplsVO98QPRNYSCr7XUIDWa9bBWDLwd2F224JOfzZkqmTVuh9xvszTwnczeQDFWYRtw1Ms0M_g&jf=3336246e71603d34383367636039323936363b3c6166636938346337643f663934376e32383760 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
event.evtm.53.com/qa_zlHm4LxkmFgIx?3c678769ac8ce557=kZKt2YEa50-TKZG7WJUBw-8DAQ9zXV4PTap67lMhDAQZL_sTBDmGpfK3WEYwnNFXBrTzVwCceLUmeCooB4wJFhy_08-1m1EwHzQKT5SIQqLkhaZsR_WhRG1Bz5gHmT54UnokU_yEYpd5mFcw90_e-NNWFrDVQBhSbfItH82FGqaQ0CJt5SlNX1zl6-KGCVKl5FhzaOzVC1NhsgE58jQ
185.32.241.65 200 OK 14 kB URL HTTP/1.1 event.evtm.53.com/qa_zlHm4LxkmFgIx?3c678769ac8ce557=kZKt2YEa50-TKZG7WJUBw-8DAQ9zXV4PTap67lMhDAQZL_sTBDmGpfK3WEYwnNFXBrTzVwCceLUmeCooB4wJFhy_08-1m1EwHzQKT5SIQqLkhaZsR_WhRG1Bz5gHmT54UnokU_yEYpd5mFcw90_e-NNWFrDVQBhSbfItH82FGqaQ0CJt5SlNX1zl6-KGCVKl5FhzaOzVC1NhsgE58jQ
IP 185.32.241.65:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 1e1ddfb801538ba511bbdd4dee56f553
f96dabcffc6e8591cfb2b3f5a759fc611a3fb3c4
c9120e54afe9d687bf2f7349e6ee8b58ec04af421000dbde611ff5595b135c27
GET /qa_zlHm4LxkmFgIx?3c678769ac8ce557=kZKt2YEa50-TKZG7WJUBw-8DAQ9zXV4PTap67lMhDAQZL_sTBDmGpfK3WEYwnNFXBrTzVwCceLUmeCooB4wJFhy_08-1m1EwHzQKT5SIQqLkhaZsR_WhRG1Bz5gHmT54UnokU_yEYpd5mFcw90_e-NNWFrDVQBhSbfItH82FGqaQ0CJt5SlNX1zl6-KGCVKl5FhzaOzVC1NhsgE58jQ HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked
event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jb=3336246e71633d34383367636039323936363b3c6166636938346337643f663934376e32383760
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jb=3336246e71633d34383367636039323936363b3c6166636938346337643f663934376e32383760
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jb=3336246e71633d34383367636039323936363b3c6166636938346337643f663934376e32383760 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/javascript
event.evtm.53.com/fp/clear.png
185.32.241.65 200 OK 81 B URL HTTP/1.1 event.evtm.53.com/fp/clear.png
IP 185.32.241.65:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 1b6d2de2867a3e11063ba25aa1cd4209
bd20b0e089f31f35cba4d0fa7277e73aa74d944c
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /fp/clear.png HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*, 3z5dc3wi/136e06b259d2523f146bc71e-f377-453b-8aca-955a2970729a
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.techmeback.com
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 13 Sep 2022 21:32:53 GMT
Expires: Sun, 12 Sep 2027 21:32:53 GMT
Etag: 74f8595d0e3e4e09896785025596c7a8
Cache-Control: private, must-revalidate, max-age=0
Access-Control-Allow-Origin: https://www.techmeback.com
Content-Length: 81
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/png
event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jd=3535242468646e3d3f2468646a35386433603c3f613a653e38366535336a643767353a6161316435603a38336d672468647c6e3d32383f3e3a35
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jd=3535242468646e3d3f2468646a35386433603c3f613a653e38366535336a643767353a6161316435603a38336d672468647c6e3d32383f3e3a35
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jd=3535242468646e3d3f2468646a35386433603c3f613a653e38366535336a643767353a6161316435603a38336d672468647c6e3d32383f3e3a35 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/javascript
event.evtm.53.com/whE-z3KAwU6UOdWL?4f895c73b0a99796=Q-n46E3-BQvsLogo2HhwJ4KUTl4SfoHz8WQQv_FuOgmLfBAwBj9s8Rd2tCutxmuxGo-_9AETpqnL667Fsl0amL7NUYb1VEDmXMNB2sJWevg71CRHYOkV_PHOAQDqms7LCpPec9fhlEOvltjoDuvfjkik4N09F7SaQU_S2GuqM3i0MA6YyS1QaeE-yE0pLLjhN_Po2BdQlgbfn2YFYhDT
185.32.241.65 200 OK 14 kB URL HTTP/1.1 event.evtm.53.com/whE-z3KAwU6UOdWL?4f895c73b0a99796=Q-n46E3-BQvsLogo2HhwJ4KUTl4SfoHz8WQQv_FuOgmLfBAwBj9s8Rd2tCutxmuxGo-_9AETpqnL667Fsl0amL7NUYb1VEDmXMNB2sJWevg71CRHYOkV_PHOAQDqms7LCpPec9fhlEOvltjoDuvfjkik4N09F7SaQU_S2GuqM3i0MA6YyS1QaeE-yE0pLLjhN_Po2BdQlgbfn2YFYhDT
IP 185.32.241.65:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (15506)
Hash 28c1adcc4c25de93e73058dbac037f29
b1bb957f7f850568e5ae8e7bdb2facdca749605c
e2367afa6a7403db01f8b88267b2f8dd7af59d5bef9f5db4453c159371042361
GET /whE-z3KAwU6UOdWL?4f895c73b0a99796=Q-n46E3-BQvsLogo2HhwJ4KUTl4SfoHz8WQQv_FuOgmLfBAwBj9s8Rd2tCutxmuxGo-_9AETpqnL667Fsl0amL7NUYb1VEDmXMNB2sJWevg71CRHYOkV_PHOAQDqms7LCpPec9fhlEOvltjoDuvfjkik4N09F7SaQU_S2GuqM3i0MA6YyS1QaeE-yE0pLLjhN_Po2BdQlgbfn2YFYhDT HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=97
Transfer-Encoding: chunked
event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&ja=3735332424613d302e783f32246e3d31303a38703132323c2e61663d333a3a307a3338303226717a7b3f3078382466727035312c333030382c33303a3c2c31323a382e3132323a2c31323a322e3b33392433303a32243130303624382c32267b6b643d32362e6e683f6a7c7470732731432732462d304475757f2e74676160656560616b632e636f6f2d304663633c3525324455273046627a636c66273a46686770677b253046787a6f6d6f712d304666637c612532446b6c66657857302c6a76656c26667035607476707b2d334125304e273244757f772e7467616a6f65626961692c61676d25304469693437253a4e572532446a70616c662d32466867706d7125324e72706d6f67732530446c697463253a4e696e6467702c68766f642668683f613b3b32323c636136343b61636135386a3433663f3a656633303e313966326b266a736d3f4e6b6e75702468716035466970676e67782732383136266a7167773d4e6b66757826687160773d46617067646d70266e6a613539362474726c3d5554412e6f61766a7a3d32383b34603a386338356760633c6466633a6a693863363139396436616b633232336b353665333a3063306131663b366369343432663b3c3434623d6e34393024783f706e776f696e5f646e6371685e6e636e716729706c776561665f7569666c6f77735d6567646b6357706c617b67705c666164716723726475676b6c5769646d626d576163726d6a63745c64696c736523726e776769665d73776b6b6b746b6f6d5666636c7b6d21706c776f6b6e5d71606f636b756374675e66696e716723786c75656b665772676164786c6179677a5c66636e7b6521706e77656b6e5f7e6e615d726461796770566e616e736d29706c7565616c5f66677e616c76705c64636c736d23726e776f696e5d717e6f5f74696d7f65725e64696e736723786c75676b6c5d686176695c64636e7b6526677a3b35646436306d663762323f3a3863643c62373964603a6462656a676731643d616161616c3b393434382e6363643f393439373339&jb=3935246e733f4d6f726b6e6e632d3246372c382d3232285039312533402d30304e6b6675782530327a3a365f3e362731402d323070742d3b413b362638292532324f6763696d2d3246323233323231303927303244617265646d702d3244393e2630
185.32.241.65204 204 0 B URL HTTP/1.1 event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&ja=3735332424613d302e783f32246e3d31303a38703132323c2e61663d333a3a307a3338303226717a7b3f3078382466727035312c333030382c33303a3c2c31323a382e3132323a2c31323a322e3b33392433303a32243130303624382c32267b6b643d32362e6e683f6a7c7470732731432732462d304475757f2e74676160656560616b632e636f6f2d304663633c3525324455273046627a636c66273a46686770677b253046787a6f6d6f712d304666637c612532446b6c66657857302c6a76656c26667035607476707b2d334125304e273244757f772e7467616a6f65626961692c61676d25304469693437253a4e572532446a70616c662d32466867706d7125324e72706d6f67732530446c697463253a4e696e6467702c68766f642668683f613b3b32323c636136343b61636135386a3433663f3a656633303e313966326b266a736d3f4e6b6e75702468716035466970676e67782732383136266a7167773d4e6b66757826687160773d46617067646d70266e6a613539362474726c3d5554412e6f61766a7a3d32383b34603a386338356760633c6466633a6a693863363139396436616b633232336b353665333a3063306131663b366369343432663b3c3434623d6e34393024783f706e776f696e5f646e6371685e6e636e716729706c776561665f7569666c6f77735d6567646b6357706c617b67705c666164716723726475676b6c5769646d626d576163726d6a63745c64696c736523726e776769665d73776b6b6b746b6f6d5666636c7b6d21706c776f6b6e5d71606f636b756374675e66696e716723786c75656b665772676164786c6179677a5c66636e7b6521706e77656b6e5f7e6e615d726461796770566e616e736d29706c7565616c5f66677e616c76705c64636c736d23726e776f696e5d717e6f5f74696d7f65725e64696e736723786c75676b6c5d686176695c64636e7b6526677a3b35646436306d663762323f3a3863643c62373964603a6462656a676731643d616161616c3b393434382e6363643f393439373339&jb=3935246e733f4d6f726b6e6e632d3246372c382d3232285039312533402d30304e6b6675782530327a3a365f3e362731402d323070742d3b413b362638292532324f6763696d2d3246323233323231303927303244617265646d702d3244393e2630
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&ja=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&jb=3935246e733f4d6f726b6e6e632d3246372c382d3232285039312533402d30304e6b6675782530327a3a365f3e362731402d323070742d3b413b362638292532324f6763696d2d3246323233323231303927303244617265646d702d3244393e2630 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
event.evtm.53.com/zSmhkyM4clhe1St6?cd518b6aa62e3bcb=P71Is9G5Srbbu3kalB3UKwWt4mGBo9kzKfuBionW_1p1cxc5JlDD3RmnF-Gicr8kIWBr6AEyuf5CdY0M0QGy6XsqSERn5Ms5UyMV75M19kVw5SfyNTJfbpxjY7kRPfGoXWnX7LoAQCzNcFCxVYk5NUlPCmc&jf=3336246e71603d386a3234603b6d303031373e3c303164313032326137383a353b373038643661
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/zSmhkyM4clhe1St6?cd518b6aa62e3bcb=P71Is9G5Srbbu3kalB3UKwWt4mGBo9kzKfuBionW_1p1cxc5JlDD3RmnF-Gicr8kIWBr6AEyuf5CdY0M0QGy6XsqSERn5Ms5UyMV75M19kVw5SfyNTJfbpxjY7kRPfGoXWnX7LoAQCzNcFCxVYk5NUlPCmc&jf=3336246e71603d386a3234603b6d303031373e3c303164313032326137383a353b373038643661
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /zSmhkyM4clhe1St6?cd518b6aa62e3bcb=P71Is9G5Srbbu3kalB3UKwWt4mGBo9kzKfuBionW_1p1cxc5JlDD3RmnF-Gicr8kIWBr6AEyuf5CdY0M0QGy6XsqSERn5Ms5UyMV75M19kVw5SfyNTJfbpxjY7kRPfGoXWnX7LoAQCzNcFCxVYk5NUlPCmc&jf=3336246e71603d386a3234603b6d303031373e3c303164313032326137383a353b373038643661 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://event.evtm.53.com/qa_zlHm4LxkmFgIx?3c678769ac8ce557=kZKt2YEa50-TKZG7WJUBw-8DAQ9zXV4PTap67lMhDAQZL_sTBDmGpfK3WEYwnNFXBrTzVwCceLUmeCooB4wJFhy_08-1m1EwHzQKT5SIQqLkhaZsR_WhRG1Bz5gHmT54UnokU_yEYpd5mFcw90_e-NNWFrDVQBhSbfItH82FGqaQ0CJt5SlNX1zl6-KGCVKl5FhzaOzVC1NhsgE58jQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: text/javascript
event.evtm.53.com/Ms69ai5n4ZAK0uGy?acdf619077e964e2=W4IavM0-5hQBSNQqSjT6ApxaBLj4Pppf9ZjtENTnY1dMgy4xMG_pVWBwvxoh8qPtYWlpD8x6CNdivQkELZYo6w5DlpJ9ZAC6XOaA28l8cZkgv7qmHxy1b5XFonITFvZcd7QPuAcYT2hamCxp5wHhKmNaYNlQpNlBvf_kt0rdaTyQ3ivCF5AtHZ_2Dk1NcuVGiT3jispkIzliwF9RkHg&jf=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
185.32.241.65204 204 0 B URL HTTP/1.1 event.evtm.53.com/Ms69ai5n4ZAK0uGy?acdf619077e964e2=W4IavM0-5hQBSNQqSjT6ApxaBLj4Pppf9ZjtENTnY1dMgy4xMG_pVWBwvxoh8qPtYWlpD8x6CNdivQkELZYo6w5DlpJ9ZAC6XOaA28l8cZkgv7qmHxy1b5XFonITFvZcd7QPuAcYT2hamCxp5wHhKmNaYNlQpNlBvf_kt0rdaTyQ3ivCF5AtHZ_2Dk1NcuVGiT3jispkIzliwF9RkHg&jf=34313424716b645f7a6c663f766c725f507250386a3b716547345646526a6b47247161645f646376673f31363e313332363f36302471616c5f7679786d3d776560326763667169267369665d6967793d3b32373b313831333234383f3263383e3c386365316c323232333836303830633a3434386b673166323b30313235383b3430303838343565316e606436366b3935636067353339656e3b323037313866613b313a6135313b6d336333343c61353a37303132666660373466343b336463613d38613a64386b303b35386e663136333b31363335696366613131333033336b61663a353e383264663b3c3233643d6d643236366b633466646a6361336167643a6534386124716b6c5f736b65353b303635383a323130326d633234666a61306434333a3731646b633a636739333067316a3c383b66383a383138373037653b643e653332613a30313234693b3a316139643966303d6c3032323a38303961616c316133373f303963343b3567633069363434613b313136333c3f616663383f653538373e676267333d3035633b33616433363f6767673239346632247b6166703d38
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /Ms69ai5n4ZAK0uGy?acdf619077e964e2=W4IavM0-5hQBSNQqSjT6ApxaBLj4Pppf9ZjtENTnY1dMgy4xMG_pVWBwvxoh8qPtYWlpD8x6CNdivQkELZYo6w5DlpJ9ZAC6XOaA28l8cZkgv7qmHxy1b5XFonITFvZcd7QPuAcYT2hamCxp5wHhKmNaYNlQpNlBvf_kt0rdaTyQ3ivCF5AtHZ_2Dk1NcuVGiT3jispkIzliwF9RkHg&jf=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 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: image/png;charset=UTF-8
Keep-Alive: timeout=2, max=98
event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=37362424726f3d6e6724637766603d6464373c6a3536303038353563663d67623432316363656661633736373a346761373930366134303d3630386b6d3964303b3f3b363431393430323133666632
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=37362424726f3d6e6724637766603d6464373c6a3536303038353563663d67623432316363656661633736373a346761373930366134303d3630386b6d3964303b3f3b363431393430323133666632
IP 185.32.241.65:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=37362424726f3d6e6724637766603d6464373c6a3536303038353563663d67623432316363656661633736373a346761373930366134303d3630386b6d3964303b3f3b363431393430323133666632 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:53 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Connection: Keep-Alive
Content-Type: text/javascript
ocsp.securetrust.com/
95.101.10.123 200 OK 638 B IP 95.101.10.123:0
ASN #20940 Akamai International B.V.
Hash feb1e609d58cd28047f7b18c8c0929fc
b06319bb1984b8d872a60430cdd8090f0368fe36
f23ea5680086a5ded776a549f87552f632cc3bf715fac318c10a200d31935785
POST / HTTP/1.1
Host: ocsp.securetrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 86
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 638
Date: Tue, 13 Sep 2022 21:32:54 GMT
Connection: keep-alive
3z5dc3wiyrplw4pp56pkp6bjwzrnyipxeisnsjcg136e06b259d2523fsac.d.aa.online-metrix.net/3c_HFNp8ywfDkBUv?4ee97704e7ddb732=boZXgCwBpYZBxXI47Mz4H88eKZLmVgNVIkpw0XXIoEzpy6D_IcQPrBYSjRcBBv6tFCshtMnp7phVa8kTdRrSkSS4iBhsrC81QIYQxuzRXPxJQ_c5e36JLHsyFCALUWw2f_rq4ZRvP6hNDuOdxwOPnlw49tts8Qfr8X11
192.225.158.3 200 OK 81 B URL HTTP/1.1 3z5dc3wiyrplw4pp56pkp6bjwzrnyipxeisnsjcg136e06b259d2523fsac.d.aa.online-metrix.net/3c_HFNp8ywfDkBUv?4ee97704e7ddb732=boZXgCwBpYZBxXI47Mz4H88eKZLmVgNVIkpw0XXIoEzpy6D_IcQPrBYSjRcBBv6tFCshtMnp7phVa8kTdRrSkSS4iBhsrC81QIYQxuzRXPxJQ_c5e36JLHsyFCALUWw2f_rq4ZRvP6hNDuOdxwOPnlw49tts8Qfr8X11
IP 192.225.158.3:0
File type PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 1b6d2de2867a3e11063ba25aa1cd4209
SHA-1: bd20b0e089f31f35cba4d0fa7277e73aa74d944c
SHA-256: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
GET /3c_HFNp8ywfDkBUv?4ee97704e7ddb732=boZXgCwBpYZBxXI47Mz4H88eKZLmVgNVIkpw0XXIoEzpy6D_IcQPrBYSjRcBBv6tFCshtMnp7phVa8kTdRrSkSS4iBhsrC81QIYQxuzRXPxJQ_c5e36JLHsyFCALUWw2f_rq4ZRvP6hNDuOdxwOPnlw49tts8Qfr8X11 HTTP/1.1
Host: 3z5dc3wiyrplw4pp56pkp6bjwzrnyipxeisnsjcg136e06b259d2523fsac.d.aa.online-metrix.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Connection: close
Content-Length: 81
Content-Type: image/png
event.evtm.53.com/Afl98Qhxs2uKq5Y4?6c5c7d3892d1b17b=liQI3YiJ695Y13KB9w3knk_BQDmTa7N0PpqdmlIUG8iEhe_7NvkV_RWtsJFhwO9z2tyf8jKyzXQGUQiA7E-T1BsJo_oqkEkHmV3q5dI4SpsG0nD1W32eAIsEAJaoJ5kQxpDVTux9lc_p4G_NlwBijopDdpT-ysK36Cxq4aBGEgbpadHb4iCtmfUDI6Dg6zDvWsj7yzP4TVNoqBnUlS8&jac=1&je=null
185.32.241.65 204 204 0 B URL HTTP/1.1 event.evtm.53.com/Afl98Qhxs2uKq5Y4?6c5c7d3892d1b17b=liQI3YiJ695Y13KB9w3knk_BQDmTa7N0PpqdmlIUG8iEhe_7NvkV_RWtsJFhwO9z2tyf8jKyzXQGUQiA7E-T1BsJo_oqkEkHmV3q5dI4SpsG0nD1W32eAIsEAJaoJ5kQxpDVTux9lc_p4G_NlwBijopDdpT-ysK36Cxq4aBGEgbpadHb4iCtmfUDI6Dg6zDvWsj7yzP4TVNoqBnUlS8&jac=1&je=null
IP 185.32.241.65:0
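Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of a zero-byte body, matching the 0 B response; they are identical for every empty response and do not identify this one.)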
GET /Afl98Qhxs2uKq5Y4?6c5c7d3892d1b17b=liQI3YiJ695Y13KB9w3knk_BQDmTa7N0PpqdmlIUG8iEhe_7NvkV_RWtsJFhwO9z2tyf8jKyzXQGUQiA7E-T1BsJo_oqkEkHmV3q5dI4SpsG0nD1W32eAIsEAJaoJ5kQxpDVTux9lc_p4G_NlwBijopDdpT-ysK36Cxq4aBGEgbpadHb4iCtmfUDI6Dg6zDvWsj7yzP4TVNoqBnUlS8&jac=1&je=null HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 204
Date: Tue, 13 Sep 2022 21:32:54 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=2, max=94
Connection: Keep-Alive
event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=32352424756b6d3d7f676070766b5f696c766d7a6e636c5765646e73
185.32.241.65 204 No Content 0 B URL HTTP/1.1 event.evtm.53.com/p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=32352424756b6d3d7f676070766b5f696c766d7a6e636c5765646e73
IP 185.32.241.65:0
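Hash MD5: d41d8cd98f00b204e9800998ecf8427e
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of a zero-byte body, matching the 0 B response; they are identical for every empty response and do not identify this one.)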
GET /p25KXyRhJlWSPxFr?0f9e24c0d0192cd4=myZJPoXORNaPgYszA_12wXx2l0-UBmJXVMORSloLZrxGwEssjyqz-Jh4fvgzWTMArelV-29wL5dHFwS0IZ7LyYPzktYvqg_L19fnClyCpYXwNW4hhLf_INYlJtpdxKEhv-yUnbxxV85BuzGZOYdz0lsqWs8&jac=1&je=32352424756b6d3d7f676070766b5f696c766d7a6e636c5765646e73 HTTP/1.1
Host: event.evtm.53.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.techmeback.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 13 Sep 2022 21:32:55 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Pragma: no-cache
Cache-Control: no-cache, no-store, must-revalidate
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=93
Connection: Keep-Alive
Content-Type: text/javascript
www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
66.84.6.23 200 OK 0 B URL HTTP/1.1 www.techmeback.com/aa45/W/brand/heros/promos/data/index.html
IP 66.84.6.23:0
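Analyzer verdicts (table columns: Analyzer, Verdict, Alert)
openphish: Fifth Third Bank
fortinet: Phishing
Note: the cross-site requests to event.evtm.53.com and *.online-metrix.net in this capture carry Referer: https://www.techmeback.com/, i.e. they were issued while rendering this site.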
GET /aa45/W/brand/heros/promos/data/index.html HTTP/1.1
Host: www.techmeback.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 21:32:50 GMT
Server: Apache
Last-Modified: Sun, 13 Feb 2022 00:52:34 GMT
Accept-Ranges: bytes
Content-Length: 126355
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html