ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
81.19.215.20301 Moved Permanently 707 B URL HTTP/1.1 ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 03:28:55 GMT
server: LiteSpeed
location: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
vary: User-Agent
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5740
Expires: Fri, 25 Nov 2022 05:04:35 GMT
Date: Fri, 25 Nov 2022 03:28:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5447
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:55 GMT
Last-Modified: Fri, 25 Nov 2022 01:58:08 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 03:19:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 593
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17678
Expires: Fri, 25 Nov 2022 08:23:33 GMT
Date: Fri, 25 Nov 2022 03:28:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: E/RvuzRNotXf7J2BIQgAjFwJvnY7vx9DfQ+xq8ytdPwq8LljJUUPCWEmSsJsymkdITFwW0GONrk=
x-amz-request-id: AJB9DBNDT9T6VZDR
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 02:43:40 GMT
age: 2715
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 03:28:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d39fd0e4cd24f5d14e1fb182cb84842
71729d5e7d3ed10e39fedea653d8ee03a94be250
38de80ea2c79d90150f6bf472a3b5f7ae63407214017e6c31a14df148dd0a5dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38DE80EA2C79D90150F6BF472A3B5F7AE63407214017E6C31A14DF148DD0A5DC"
Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 25 Nov 2022 09:28:55 GMT
Date: Fri, 25 Nov 2022 03:28:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d39fd0e4cd24f5d14e1fb182cb84842
71729d5e7d3ed10e39fedea653d8ee03a94be250
38de80ea2c79d90150f6bf472a3b5f7ae63407214017e6c31a14df148dd0a5dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38DE80EA2C79D90150F6BF472A3B5F7AE63407214017E6C31A14DF148DD0A5DC"
Last-Modified: Wed, 23 Nov 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21599
Expires: Fri, 25 Nov 2022 09:28:55 GMT
Date: Fri, 25 Nov 2022 03:28:56 GMT
Connection: keep-alive
ekasaktiscaffolding.com/wp-includes/css/dist/block-library/style.min.css
81.19.215.20200 OK 10 kB URL HTTP/2 ekasaktiscaffolding.com/wp-includes/css/dist/block-library/style.min.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type Unicode text, UTF-8 text, with very long lines (33376)
Hash cf64bd69df964ad7baacebb5f165288e
3b43b33729294f0378142606559dac91d56919f8
f8d581c3f1abb40a8a24d79f47abe7b7b4ea24207160d0e260d06ca0cdebcb19
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Mon, 15 Nov 2021 09:24:08 GMT
etag: "13abe-61922738-eb4b6b92b41d093b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 9960
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5066
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Last-Modified: Fri, 25 Nov 2022 02:04:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ekasaktiscaffolding.com/wp-content/plugins/contact-form-7/includes/css/styles.css
81.19.215.20200 OK 848 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/contact-form-7/includes/css/styles.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
Hash c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e
GET /wp-content/plugins/contact-form-7/includes/css/styles.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Wed, 17 Nov 2021 07:37:39 GMT
etag: "aab-6194b143-bc0f1ac686d9516;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 848
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/fl-icons.css
81.19.215.20200 OK 165 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/fl-icons.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (368)
Hash e8ac684736ff7c59b9d244d3667929fc
563b088227d8d5b77316bca1221271516b743047
543816515a9f375687d970e512d9d18c8e3e43d8425ffcc52bbc182e2f41e056
GET /wp-content/themes/flatsome/assets/css/fl-icons.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2019 21:34:12 GMT
etag: "171-5d5b15d4-26f5b298c887604e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 165
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
81.19.215.20200 OK 1.2 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (5305), with no line terminators
Hash 8869d434cd2a3350017c5dddb6b6c624
218f6b304da36e0e5c1212e2b8afd934f2801a93
80727ae14af6bf4636a9455f87ce0e83429bacb577965aee4d0ce980759bf7e9
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Thu, 10 Mar 2022 19:52:18 GMT
etag: "14b9-622a56f2-d100415fe9bd635;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 1207
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css
81.19.215.20200 OK 5.0 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/flatsome-shop.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type Unicode text, UTF-8 text, with very long lines (22257)
Hash 8936c93c983f3621cbe97f4c97d66acc
d1fa361621286530faf7f52a246cc87bea4c6724
2ae8b968fda07b1c6ba8c43b7641b54220d33a887103be0524c90465a5ae2bc3
GET /wp-content/themes/flatsome/assets/css/flatsome-shop.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2019 21:34:12 GMT
etag: "56f5-5d5b15d4-32c0682cc6f61d84;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5033
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome-child/style.css
81.19.215.20200 OK 166 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome-child/style.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
Hash 56a1e25886e5260b7b37957539201c46
10d2a9a832109558ed6a083f0cc6efd36b8a50c4
9b3133f2b80f8f27cf7933551ea0f64ea3a33526aa05480318a59d1886379462
GET /wp-content/themes/flatsome-child/style.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Wed, 27 Sep 2017 19:43:08 GMT
etag: "12f-59cbff4c-3778b1a961316d1b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 166
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css
81.19.215.20200 OK 19 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type Unicode text, UTF-8 text, with very long lines (65527), with no line terminators
Hash a74053a384baf15f084b143b0e0f1dd3
4a6705bd8f3573439f0ad1311033c786abd99b24
c665c0f1a95e5b903884e255074ae726f4c2b88f4302a26ebd36f94f4a45097d
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Thu, 10 Mar 2022 19:52:18 GMT
etag: "2ee66-622a56f2-480aac6bf1ed55b4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 19218
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/flatsome.css
81.19.215.20200 OK 26 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/css/flatsome.css
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (65536), with no line terminators
Hash f825d09ed1067e43236031151ce1f068
51e3be6bcd3a6fb2dd1731f23361f602a2003072
bbb216b84b6441d0a0a2289098fa499fd029d4aef1fc6c449f192ff7e68d7f91
GET /wp-content/themes/flatsome/assets/css/flatsome.css HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2019 21:34:12 GMT
etag: "214cc-5d5b15d4-7b76c5d8fdc82e55;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 26518
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/lead-call-buttons/js/movement.js
81.19.215.20200 OK 861 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/lead-call-buttons/js/movement.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (322)
Hash e28e51d868f4b05461e1343393e86892
c892b9c1e58a6206fbb605a93585936bfe3750a5
042c2324b740fdfbc5f2d1b3b3522a543a564d917552f8aa4dc5f218bc7b194c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lead-call-buttons/js/movement.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2018 23:27:30 GMT
etag: "a0c-5a627ee2-24d74c90627b1fb7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 861
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-includes/js/jquery/jquery-migrate.min.js
81.19.215.20200 OK 4.0 kB URL HTTP/2 ekasaktiscaffolding.com/wp-includes/js/jquery/jquery-migrate.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (11126)
Hash 7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 09:24:12 GMT
etag: "2bd8-6192273c-fe5ac357505eaa4e;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3995
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/lead-call-buttons/js/script.js
81.19.215.20200 OK 287 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/lead-call-buttons/js/script.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with CRLF line terminators
Hash 1265ec2d8f6c74df55d2c80d5891fe53
12d1d45f1a27f81d8318fe3c3e25e2f55672c1d8
c1d199cdd6eb8f11127392ed39c83b1340ca1031c51bab52a628d34a8b33b5a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/lead-call-buttons/js/script.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2018 23:27:30 GMT
etag: "5c5-5a627ee2-a2e657f47aa53bd1;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 287
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
81.19.215.20200 OK 5.8 kB URL HTTP/2 ekasaktiscaffolding.com/wp-includes/js/dist/vendor/wp-polyfill.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type Unicode text, UTF-8 text, with very long lines (16323)
Hash 54751d4cd4f7fd32b25850ef8ad71fc6
47e74afa81675e761838a6eb5bc70ad9c7d47528
8f3249357e3247b7f0efc468ee2f421f5fd2ee1856af1e37f9e8dd1867753eba
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 09:24:10 GMT
etag: "4056-6192273a-48891204353cfae6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5805
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/contact-form-7/includes/js/index.js
81.19.215.20200 OK 3.5 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/contact-form-7/includes/js/index.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type HTML document, ASCII text, with very long lines (11862), with no line terminators
Hash 14c7fdebe85bdd59ad88874426a32b9f
fe9bb318d06733d7319a9971c8e0ac47a05ca506
2b8c98eb10ff732e14916ff51a4e9b775c581d42ac91e6e510c6f57999ae5aee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Wed, 17 Nov 2021 07:37:39 GMT
etag: "2e56-6194b143-86b857fc8cfb4477;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3529
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
81.19.215.20200 OK 3.2 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (9151)
Hash 2310bfbea6b102d98f1e6e5d2daa79cc
ce50a4b987aceea2ea381932bb41400c4909d0fb
8b34f97d2be93eb99e3316cdf266e6b4088e8e7c15d84906bb9263f8d5e3840c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 19:52:11 GMT
etag: "2549-622a56eb-ef978e3837dbe70c;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3238
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
81.19.215.20200 OK 899 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (1668)
Hash 22d65ba38528349e705d912ce26bf8ac
c89ba006009043d93b88ff155b4fec8797330550
6253bcb85e4267ad3ba843145534e729ee2c1d7e85e5b4ab5b2e074ae636bca3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 19:52:11 GMT
etag: "72a-622a56eb-58a1e18454232b26;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 899
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
81.19.215.20200 OK 934 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (2938), with no line terminators
Hash ef8ddf2830341f13634a12266fa9813f
45c12d8b054261b0597ffdb97ff55f8ab7a913c4
698fbd0089cafb0659518bf2359ce5c990e71c9a543338fdc7b1595ee11ade22
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 19:52:11 GMT
etag: "b7a-622a56eb-dd4cc8edbb290fd7;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 934
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
81.19.215.20200 OK 677 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (2139), with no line terminators
Hash a43fc0dde8fdd69656ad0957e62849c7
4b07cf702ac8a770c8cbffc22b9a788b6e5389ba
1ce3d0493424870c81deec0ec41de0592d2af9f91cd8081cd40a1d7ea89b614f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 19:52:11 GMT
etag: "85b-622a56eb-2a76ae43c4fefd30;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 677
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
81.19.215.20200 OK 970 B URL HTTP/2 ekasaktiscaffolding.com/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 155d874ef60217f790dedec58e83d832
42a2698adec25b2000046cf7e3818e6478951fc3
c6801f4d5dcdd86ba3e33dc35a8765c03fd55e9f621443dd0fb7cd8c8e6707da
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Thu, 10 Mar 2022 19:52:11 GMT
etag: "bdd-622a56eb-75c90bdb5f02e946;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 970
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-includes/js/hoverIntent.min.js
81.19.215.20200 OK 656 B URL HTTP/2 ekasaktiscaffolding.com/wp-includes/js/hoverIntent.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (1445)
Hash bd87574b1deaeb098dee8bdf37586145
dc0cfb5b1c2596984ecd0de71577a8a21ea3bc74
41d15c4fc818bc5dbb435ba559095e856e3b765f5f2a9ff6f5d1a0ed9cc9b3e1
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/hoverIntent.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 09:24:13 GMT
etag: "5c8-6192273d-af39f5fa60c83731;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 656
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js
81.19.215.20200 OK 4.8 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (12801)
Hash 70cbc7ebb657b8543e7a16850bd72f06
52f910087652491f0aed0d9c23029cf9cde73e25
e001ff5cf15b6ba1d367f441370a2fad7baab087af21c7a22d009ddce1ca342b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/inc/extensions/flatsome-live-search/flatsome-live-search.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2019 21:34:10 GMT
etag: "3e04-5d5b15d2-32493340622feac2;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 4815
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-includes/js/jquery/jquery.min.js
81.19.215.20200 OK 30 kB URL HTTP/2 ekasaktiscaffolding.com/wp-includes/js/jquery/jquery.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (65447)
Hash 34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 09:24:12 GMT
etag: "15db1-6192273c-ea70478602eb3e84;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30273
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/js/flatsome.js
81.19.215.20200 OK 46 kB URL HTTP/2 ekasaktiscaffolding.com/wp-content/themes/flatsome/assets/js/flatsome.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type ASCII text, with very long lines (19155)
Hash b2b8eaaaf52287862edce666b82adda9
45ea3b1a4bf4386c70f4fdcaa0e3e2f3b6d36ef5
d43a08c64810114a611fa535d52a11dfe89e8b203d58b02a7ecc471e5438c41e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/flatsome/assets/js/flatsome.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2019 21:34:12 GMT
etag: "277ad-5d5b15d4-51ed461ea28f9a13;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 45674
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash fd6e45fec9010f48d052dc17826c75f0
218e01b9707f1e123eef81d70f24f0d95e526465
8ba8111e6058eb953ea4804e6fcbbba380a2087609b5bc49c7ccade7fef100a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5066
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Last-Modified: Fri, 25 Nov 2022 02:04:30 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
ekasaktiscaffolding.com/wp-content/uploads/2018/01/sca.png
81.19.215.20301 Moved Permanently 707 B URL HTTP/1.1 ekasaktiscaffolding.com/wp-content/uploads/2018/01/sca.png
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /wp-content/uploads/2018/01/sca.png HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
location: https://ekasaktiscaffolding.com/wp-content/uploads/2018/01/sca.png
vary: User-Agent
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 03:11:11 GMT
cache-control: public,max-age=3600
age: 1065
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3233
Cache-Control: max-age=109905
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:00:41 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash b44543de9922ec7d97f2e0be1865553e
caef856450efd75de0cfae9402903b1f4bd6de4c
d251377b4bc11c32a847ce4dc5dfda92e56031617f5b3eeea54fdcd0945b3eb7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 7.5 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 416ca7811c3d20b7fd85ca5f8d4712a6
ad6bbae12bea927659c3022456d4291d877cd7ea
7670a5c04ecca01957c27c4c7c88b24b58474cbedfe771b6a481ac9805f3ac1a
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:28:56 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 18657743
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 76f74c0efd6bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.42200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:34:16 GMT
expires: Wed, 22 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 204880
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:23:34 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 684165991
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
44.238.202.79101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3T8oh/B+9unoTkE6EtMmyg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e6YJB4gvsk3cZp/DeAfABnibP2A=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ekasaktiscaffolding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 134484
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ekasaktiscaffolding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 114888
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ekasaktiscaffolding.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:21 GMT
expires: Thu, 23 Nov 2023 19:34:21 GMT
cache-control: public, max-age=31536000
age: 114875
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:regular,500%7CRoboto:regular,300%7CRoboto:regular,500%7CDancing+Script:regular,400
142.250.74.10200 OK 24 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:regular,500%7CRoboto:regular,300%7CRoboto:regular,500%7CDancing+Script:regular,400
IP 142.250.74.10:0
Hash 1a1516476436c50c362d31158f137418
abb111d55c417327d9beef98c6b33409e9c09947
1ac42862f09d8a70b6c43022048aef52608ca955dc5cd7e659b5a9d865661637
GET /css?family=Roboto:regular,500%7CRoboto:regular,300%7CRoboto:regular,500%7CDancing+Script:regular,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 03:28:56 GMT
date: Fri, 25 Nov 2022 03:28:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 03:28:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ekasaktiscaffolding.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
81.19.215.20200 OK 247 B URL HTTP/2 ekasaktiscaffolding.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
File type JSON data\012- , ASCII text, with very long lines (503), with no line terminators
Hash 34e3bd7f502fbda4301830203d2f3881
39aa68d6f59d210a21992f2506f0d817000c6574
0940eb9aa125a727aff8f217744b09df7db5ee6a959474cb86c83a1168349021
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 03:28:56 GMT
content-type: application/javascript
last-modified: Mon, 15 Nov 2021 09:24:10 GMT
etag: "1906-6192273a-ff21056b1eef32ea;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2308
date: Fri, 25 Nov 2022 03:28:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
s4.histats.com/stats/3996824.php?3996824&@f16&@g1&@h1&@i1&@j1669346936193&@k0&@l1&@mPage%20not%20found%20-%20SCAFFOLDING%20BANDUNG%20MURAH%20BERGARANSI%20-%20Eka%20Sakti%20Scaffolding&@n0&@o1000&@q0&@r0&@s306&@ten-US&@u1280&@b1:-46952670&@b3:1669346936&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fekasaktiscaffolding.com%2Ftimed%2FZS%2F67526a58c1bbd07edb84502c557210ca%2Fenterpassword.php&@w
192.99.13.63200 OK 71 B URL HTTP/1.1 s4.histats.com/stats/3996824.php?3996824&@f16&@g1&@h1&@i1&@j1669346936193&@k0&@l1&@mPage%20not%20found%20-%20SCAFFOLDING%20BANDUNG%20MURAH%20BERGARANSI%20-%20Eka%20Sakti%20Scaffolding&@n0&@o1000&@q0&@r0&@s306&@ten-US&@u1280&@b1:-46952670&@b3:1669346936&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fekasaktiscaffolding.com%2Ftimed%2FZS%2F67526a58c1bbd07edb84502c557210ca%2Fenterpassword.php&@w
IP 192.99.13.63:0
File type ASCII text, with no line terminators
Hash 292f909f3af53a1333fc8632c30d77d9
d543485543a9f7ca1069c57fe10fffae3b9fc636
bd59cda629bc216c7cb1ce4ec4cbe97f2ff94e230b5629cb5d2a6411aa1f6cd8
GET /stats/3996824.php?3996824&@f16&@g1&@h1&@i1&@j1669346936193&@k0&@l1&@mPage%20not%20found%20-%20SCAFFOLDING%20BANDUNG%20MURAH%20BERGARANSI%20-%20Eka%20Sakti%20Scaffolding&@n0&@o1000&@q0&@r0&@s306&@ten-US&@u1280&@b1:-46952670&@b3:1669346936&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fekasaktiscaffolding.com%2Ftimed%2FZS%2F67526a58c1bbd07edb84502c557210ca%2Fenterpassword.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 03:28:57 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 71
Connection: close
s10.histats.com/counters/cc_306.js
46.105.201.240200 OK 8.2 kB URL HTTP/2 s10.histats.com/counters/cc_306.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (18825), with no line terminators
Hash 21eb7990a5c4a339def5270fe4476170
ec68dad030ebd5203a866682dc3cb15d3d15e595
336f4996d9b4cbc0a29f72800a1c33baf6effb1613121d6c19332dda0b646a45
GET /counters/cc_306.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekasaktiscaffolding.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 03:22:38 GMT
etag: "-336561721"
last-modified: Thu, 16 Apr 2020 10:45:32 GMT
x-request-id: 811699578
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 8229
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2236
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2236
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:28:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2236
Expires: Fri, 25 Nov 2022 04:06:14 GMT
Date: Fri, 25 Nov 2022 03:28:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1adbf0cd373a4c06caa71eac14e1286c
236199a790f16dcf96dba80b9945836b37e3c2eb
767fd66cf0751dd80b2453588f9363fac7d9637da3dc9098d25fb65699ca8c5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2302d358-ba65-4bf0-9d74-b5fb532a1d52.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6590
x-amzn-requestid: 5d8b02c4-673a-4c77-8f24-498d9b8a28ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8zGeAIAMF4HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-661ce3991caf87e8558158c3;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4iFMdgZvXpHdbGKY-3exNXsKVn2FuWGQg70mCqzGLSHk_bSTiXSCxA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:01:38 GMT
age: 19640
etag: "236199a790f16dcf96dba80b9945836b37e3c2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9bc7c4877bfa24d0c1bbb774cd906af1
75d9a14e98ffba5a71a6f710be721b593338ffdc
b0e1d9af095632e6d75bc7606bccfb0c1903f5173696cefb7e36c3d34a98358e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72e29c5-d9d3-43d5-8c71-f66a22a3f112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: e8956a92-d016-41a2-99b4-631a6db3b8db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: byQzsFY3IAMF9iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63772e7d-2337148b0a824d134aaab9d7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 07:04:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nqv3cZb0_TFYs1XuLw1pCg4B1HmA87mj4S1Sjh3cgXyWd3GnweAY7w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 04:26:03 GMT
age: 82975
etag: "75d9a14e98ffba5a71a6f710be721b593338ffdc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92171fa8fbc051aefeb8ceb6072848de
377775b7c7b085efa6dd653d285ba3a52af6a549
537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 57116
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:04:28 GMT
age: 80670
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c67bf2eb6ca2d7e2b34df1dbe8e7b36
cdacea802c72450973140387aafacae9df78b0aa
52c1b293ec45c98077953699dcc48d77d4aee2bb12f38ef21c692af9171b6db2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bd50a26-dc90-4a0f-9ac7-e2950f1e9d5f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8275
x-amzn-requestid: 350ffdb7-723f-4dfc-95e8-e76364d1313d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8xGPAoAMFbWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-10d4c566779b9b9f4bb9112d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nJ7Ppbn5tLf-PIzvOMM-JK3paiWilTRRs5f93VzR0dZ5XDeIGwWonw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:55 GMT
age: 19983
etag: "cdacea802c72450973140387aafacae9df78b0aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JbjUiHcVu2ytN848RqI8Ygkd0R9YCnq_OeFdc5Y5JTymA2k9HN4lZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:01 GMT
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
age: 21237
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
81.19.215.20404 Not Found 0 B URL HTTP/2 ekasaktiscaffolding.com/timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php
IP 81.19.215.20:0
ASN #25369 Hydra Communications Ltd
Analyzer Verdict Alert fortinet Phishing
GET /timed/ZS/67526a58c1bbd07edb84502c557210ca/enterpassword.php HTTP/1.1
Host: ekasaktiscaffolding.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
x-powered-by: PHP/7.4.32
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://ekasaktiscaffolding.com/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Fri, 25 Nov 2022 03:28:55 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2