ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4682
Cache-Control: max-age=98360
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:29:59 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:49:19 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14621
Expires: Mon, 05 Dec 2022 12:33:40 GMT
Date: Mon, 05 Dec 2022 08:29:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 08:18:28 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 691
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8461
Expires: Mon, 05 Dec 2022 10:51:00 GMT
Date: Mon, 05 Dec 2022 08:29:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: CvE8OMWmZRnz3YmpVgJ5ynh/sbqQaLJ//9guVJHOrWbmRusu8ljdIMyjRu3bI1NlUVyNqieJLIY=
x-amz-request-id: BMTH4F19J58RWF0Z
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 07:47:19 GMT
age: 2560
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 08:29:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 08:11:19 GMT
cache-control: public,max-age=3600
age: 1120
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4670
Cache-Control: max-age=93281
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:00 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:24:41 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1d8f1aa6e21ff525f2af91cc6eb6fe48
cc6820bd287e2046fbadef16548ab0d52ac65752
fea20a255b169f5113eee90b3f23db159972c63ea92cef262dca988085a04b14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEA20A255B169F5113EEE90B3F23DB159972C63EA92CEF262DCA988085A04B14"
Last-Modified: Sun, 04 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 05 Dec 2022 14:30:00 GMT
Date: Mon, 05 Dec 2022 08:30:00 GMT
Connection: keep-alive
push.services.mozilla.com/
54.188.211.138101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.188.211.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kPrAXhkMQXEv7X6pZu9Dtg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sJTR0cHgbFJzbgaVrOQkDa31DTQ=
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 08:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 08:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 08:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 08:30:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9162
Expires: Mon, 05 Dec 2022 11:02:43 GMT
Date: Mon, 05 Dec 2022 08:30:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 38233
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 37620
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 20688
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 99d1ff8fa2e095dcf2bda3d1e1af1221
f914f04a0e1fb45a221d31d2105bfc73015b03e6
90325d4299a44dbd213857ada6f6880db8c33ad61685cfcb60c4a2455a84cf87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7663e5fc-37de-4be8-9be7-49805622f85d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10183
x-amzn-requestid: 0cdea572-aab4-4d52-948b-976170a787a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_uLHQZoAMF4hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1327-7948052f39c4f6071b4a0e0d;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Vhtd0Bo5kTQySEn0vD_RJin0usoC7GQvK74fhVtrtZNEy64_vrWQNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 38655
etag: "f914f04a0e1fb45a221d31d2105bfc73015b03e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1be5ade2f8eb160f9974766374c9dd01
8d3d92355304ccfcd50ae96f55b2754220f05187
5087642c70cd92613c2a490b532fc7651c4b25f8712a59b4f7a178cc44cdf90f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: d4dfc77c-65cc-46f1-b8a3-ea6cebd0976d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYE2woAMFgPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-639ca0813c23b9cb75ff24c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhweRJZbG0P_lxekUIz506RXW5f9iVQ1Cvfg-k3gJTWHIrzTu2uenQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 04:50:04 GMT
age: 13197
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 38240
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=DC-10578597
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-10578597
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 18f8687963ebafed50af67273aad50f8
d728c3161985540cf570302b290c849ddf6daad0
5b5ee3db72bc938836eda283639bfc2d77001e9c3018bc2414b66480ac74b837
GET /gtag/js?id=DC-10578597 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:03 GMT
expires: Mon, 05 Dec 2022 08:30:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44138
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=DC-11236391
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=DC-11236391
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 39b4daabf9d3b6be5aa9e4d0a8b74513
8675bac6224be75edbeabf89e371e122acfac372
9b405e21d017753319bbdf0e244121fae3dccb428791d3399611a489b0d1d5b0
GET /gtag/js?id=DC-11236391 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:03 GMT
expires: Mon, 05 Dec 2022 08:30:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-332531362
172.217.21.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-332531362
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 618f50eb43e84d8825596fd9835ed176
b80410930c4c5d1518e98465549e103d4568aa6f
5a983bc0002b604fdac641ffd1a81c447b9fc60b04e0ebbfb0fe532adbb31844
GET /gtag/js?id=AW-332531362 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:03 GMT
expires: Mon, 05 Dec 2022 08:30:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52877
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 984 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2393), with no line terminators
Hash 66b491cf59c950a3def1e2d5123fe823
1609a8c9372e6b88fe09af0c7ff4f91f78948f38
2a54fb922a81225eac5db539b1336edae7fc712f81294a471b06716925e615cb
GET /pagead/viewthroughconversion/319309780/?random=1645653114559&cv=9&fst=1645653114559&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 984
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-1004668939
172.217.21.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-1004668939
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 7a74e68728b0ee380682e4b93c2aa405
6c7c60b9774ef8485516d58b46a8f5bce93e78e7
c82585d63645957ff626a5449b84ff8e409a6d335e85462d79c329f1eca0444b
GET /gtag/js?id=AW-1004668939 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:03 GMT
expires: Mon, 05 Dec 2022 08:30:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52921
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 986 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2391), with no line terminators
Hash 14f28ded789c4ba898dc35b82ac013f9
534c2a33ff2bdeadcc03f1c2d9b95119103d2f82
0b442d48184cdbb5f173f164fec31c20fa29e20ba9cb94ca4777f622bf2cca80
GET /pagead/viewthroughconversion/925186924/?random=1645653114561&cv=9&fst=1645653114561&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 986 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2395), with no line terminators
Hash 86f3cd2b7ec2ab68df171d0c025fd4ea
525743a6cc851375fd932f01000a4d9dad6eb887
5402aa6a26f81fb317c55b26ae396d989e22765a0145863486a858a1cad89d1e
GET /pagead/viewthroughconversion/332531362/?random=1645653114554&cv=9&fst=1645653114554&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 986
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash d30c2e45bb542d82bc796d6612ca1d60
e3f290e9dfd574bf3e358949c13337529fbd2145
1de624894bb75be449b58605a48d04e6e329659b824b905ea1b7d34daaf37bb7
GET /pagead/viewthroughconversion/332531362/?random=1645647994275&cv=9&fst=1645647994275&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1013
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2435), with no line terminators
Hash b7dcc61a09e16f0a28e30120833151c9
df3bc717dd937a02a46bd9aa797b8ed3a8fa22bb
a40d6661c1d0f8034035765db04a0cde6369f4bdfa853634ae590496896d837d
GET /pagead/viewthroughconversion/948238967/?random=1645653114556&cv=9&fst=1645653114556&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1000
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-319309780
172.217.21.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-319309780
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 61b97dac82d9cccadeaea56fb8a9c17f
5045027003c136fa9a5975631f1979885bdfebd7
8d9cc5a9f71e2944e4c08ae3453ac817c9387fdec892eda42d7b40a6f250a8a9
GET /gtag/js?id=AW-319309780 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:03 GMT
expires: Mon, 05 Dec 2022 08:30:03 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52985
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash b2eda8148d649917697bad87ff3312c3
9089c9aef048c81624f2ed796e4300287e8e1d47
5d1a8b4a96ad57e046981cc5b844ad568c61aa79a92e1b74ccf8901e8b7570db
GET /pagead/viewthroughconversion/948238967/?random=1645647994287&cv=9&fst=1645647994287&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1012
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2485), with no line terminators
Hash 87646a20ff6cd85db4d61d6715ff6df2
7e90750b97e8f241b92b085730bdc3b10dd7f09b
2bfbf27c2989d28fa73fb1cc9e6ba816cc142defd54f52e3118563fa1ce404ff
GET /pagead/viewthroughconversion/1004668939/?random=1645647994279&cv=9&fst=1645647994279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1011
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2435), with no line terminators
Hash 98476d6d5ac1c9c534c967590392fffc
cc3aaffea73456d9a0660fdd89b0fde81d490b83
ea3dcbad7aaab432ead7d3ecdf798c1c18a14b3b87fb27aa3d44f319e8d87e7f
GET /pagead/viewthroughconversion/1004668939/?random=1645653114552&cv=9&fst=1645653114552&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1000
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash e83b6e3731b3db293a6b89aacecc2175
9109bad34515f0c5b21e05377012c327a4e9fd86
1d6da996b483a96a877bfb28b26536f5677e2ca9b39cc00128eec0c2378aa8ee
GET /pagead/viewthroughconversion/319309780/?random=1645647994281&cv=9&fst=1645647994281&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1013
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.98200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.98:0
File type ASCII text, with very long lines (2483), with no line terminators
Hash 06ce5de542b425cc89eca5d626e68f13
5dd16195b8342cb4e7b2fbd932ed2b4ec395b653
4ced3d8886abf2efd781ec4f8b0c44de231c42ae880eeb50b1113f3522820868
GET /pagead/viewthroughconversion/925186924/?random=1645647994284&cv=9&fst=1645647994284&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1011
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:03 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e43934754757e60c0ef28a287f9408e9
c319e63380f1bc639b65b64f1c571163564373a2
4ac2294b8551262271d4665fdd1e719063756146b76d6006a3b0f979eeb4e716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2850
Cache-Control: max-age=142569
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Etag: "638d2ad2-139"
Expires: Wed, 07 Dec 2022 00:06:12 GMT
Last-Modified: Sun, 04 Dec 2022 23:18:42 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash e43934754757e60c0ef28a287f9408e9
c319e63380f1bc639b65b64f1c571163564373a2
4ac2294b8551262271d4665fdd1e719063756146b76d6006a3b0f979eeb4e716
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3058
Cache-Control: max-age=142777
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Etag: "638d2ad2-139"
Expires: Wed, 07 Dec 2022 00:09:40 GMT
Last-Modified: Sun, 04 Dec 2022 23:18:42 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 4958a27223789b95e100f0977bee68d9
73e926412efc76fd5a1cd153291a9121f6d83772
4238e5ad86bebbd12d6670ede245d9665f241e3196a4fb59d771d1eb3831faa6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1681
Cache-Control: max-age=170609
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Etag: "638d9ceb-2d7"
Expires: Wed, 07 Dec 2022 07:53:32 GMT
Last-Modified: Mon, 05 Dec 2022 07:25:31 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 9db8b69d08f85966ead993c30b36c40a
48f5dd4c4cdba38e6bfb294654e573dec30be436
ced0a748fa94affc19e7c4d71c91bc8f32e7eecff4a71621f11c78b69af4e33e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4031
Cache-Control: max-age=91208
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:03 GMT
Etag: "638c5d94-2d7"
Expires: Tue, 06 Dec 2022 09:50:11 GMT
Last-Modified: Sun, 04 Dec 2022 08:43:00 GMT
Server: ECS (amb/6BB6)
X-Cache: HIT
Content-Length: 727
analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels
104.244.42.67200 OK 57 B URL HTTP/2 analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels
IP 104.244.42.67:0
File type ASCII text, with no line terminators
Hash d6cff1cc2ef6dbf2da25fade3bab8c65
c96e2822fd1459b7f171d86d88dcd76bc167c113
8d5b13815d3883037c78495a28abfe1815bfc702cade0cd8a7592be793e72996
GET /i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=4a5b03e1-bfbb-4ff6-832a-1410d701fb0f&tw_document_href=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&tpx_cb=twttr.conversion.loadPixels HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Mon, 05 Dec 2022 08:30:03 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_34ct4Rp7nrh3G2jYtHeltw=="; Max-Age=63072000; Expires=Wed, 04 Dec 2024 08:30:03 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 57
content-encoding: gzip
x-transaction-id: 1d5b96edb4a5ba28
strict-transport-security: max-age=631138519
x-response-time: 113
x-connection-hash: 6f4912ddd3c7c61a4d9bd360eeb255da8f8ff85c8779923a00dd9c14e808b466
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels
104.244.42.67200 OK 57 B URL HTTP/2 analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels
IP 104.244.42.67:0
File type ASCII text, with no line terminators
Hash d6cff1cc2ef6dbf2da25fade3bab8c65
c96e2822fd1459b7f171d86d88dcd76bc167c113
8d5b13815d3883037c78495a28abfe1815bfc702cade0cd8a7592be793e72996
GET /i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o70ey&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=6b84eec8-b93a-4cc4-a1d4-4648d57174bf&tw_document_href=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&tpx_cb=twttr.conversion.loadPixels HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Mon, 05 Dec 2022 08:30:03 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_LzdfoFPXJZz1jYOSrUxXqw=="; Max-Age=63072000; Expires=Wed, 04 Dec 2024 08:30:03 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 57
content-encoding: gzip
x-transaction-id: 2211e44dc67eed3f
strict-transport-security: max-age=631138519
x-response-time: 111
x-connection-hash: 6f4912ddd3c7c61a4d9bd360eeb255da8f8ff85c8779923a00dd9c14e808b466
X-Firefox-Spdy: h2
res.ihre.dkb.de/res/dkb/b97318873798f30c5b7de5c73b096a4f.png
52.215.98.6200 OK 1.2 kB URL HTTP/1.1 res.ihre.dkb.de/res/dkb/b97318873798f30c5b7de5c73b096a4f.png
IP 52.215.98.6:0
File type PNG image data, 120 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash b97318873798f30c5b7de5c73b096a4f
3becd2ab3d246f1918e0fb4938ca33d40e052a34
56f693a748244a37167086e734c81d0b7344d03a0748522d3a13abb58e661fe9
GET /res/dkb/b97318873798f30c5b7de5c73b096a4f.png HTTP/1.1
Host: res.ihre.dkb.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/png
Date: Mon, 05 Dec 2022 08:30:04 GMT
ETag: "4a4-5e76027503d80"
Last-Modified: Mon, 29 Aug 2022 12:10:46 GMT
Server: Apache
Content-Length: 1188
Connection: keep-alive
abhayintegratedservices.com/dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d
103.50.162.157404 Not Found 355 B URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Tue, 09 Mar 2021 04:58:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/html
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45
103.50.162.157404 Not Found 355 B URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0
GET /dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45 HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Tue, 09 Mar 2021 04:58:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/html
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 42e97d0fe7a5805e0712a823b6383fa4
c90b1f644b1630052909e871e1e5392e7c620cfe
8200f90dfb01c544e132d1a3594749b146289aec38a6a7b1dc64eace4ff397e4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 08:30:04 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 05:51:54 GMT
Expires: Fri, 09 Dec 2022 05:51:53 GMT
Etag: "c90b1f644b1630052909e871e1e5392e7c620cfe"
Cache-Control: max-age=335508,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774b6ae9dd87b517-OSL
responder.wt-safetag.com/resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5
185.54.150.22204 No Content 0 B URL HTTP/1.1 responder.wt-safetag.com/resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5
IP 185.54.150.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /resp/api/get/438500649507193?url=https%3A%2F%2Flocalhost%2F&v=5 HTTP/1.1
Host: responder.wt-safetag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Mon, 05 Dec 2022 08:30:04 GMT
Connection: keep-alive
Cache-Control: max-age: 0, must-revalidate
Content-Type: text/javascript
Vary: Accept-Encoding
Set-Cookie: ; SameSite=None
cdn.trustcommander.net/privacy/5414/privacy_v2_2.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/5414/privacy_v2_2.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65339)
Hash 86e3dc970d481ed47bb711ca14ccf445
57ef9cebebd6a70c843b00d08eb7db1e119aa152
4729ac071a451abbc7ffe66287f510caf496f9ef6ad343c5a128ddee40dcc42c
GET /privacy/5414/privacy_v2_2.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 42698
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:04 GMT
etag: "0ec10140b06db2fffd825a53c173861e+gzip"
last-modified: Fri, 29 Apr 2022 07:45:06 GMT
server: ECS (ska/F70C)
vary: Accept-Encoding
x-amz-id-2: vgDaUNzMx8SdV5Uqr+LXwM5wUAEQQTf0v84jXmWTU960fHTE830PHGNk2taWYuNY6A8/A7M3oqw=
x-amz-request-id: 12DR82J45WFX7FZ8
x-cache: HIT
x-cdn: VDMS
content-length: 19828
X-Firefox-Spdy: h2
cdn.trustcommander.net/privacy/4911/privacy_v2_5.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/4911/privacy_v2_5.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65339)
Hash 2ce131167303ecdbc14d2ef2359cc08b
4f6491f8595f70dfb8f596c631ad3014d517784e
8211f1a77c47abdb72706cf5d5443916a0b6952b7abf21212eca4c77f42ba4e2
GET /privacy/4911/privacy_v2_5.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 42694
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:04 GMT
etag: "a8b0fd87d2724695922ae92e272eb317+gzip"
last-modified: Thu, 30 Jun 2022 09:01:12 GMT
server: ECS (ska/F71D)
vary: Accept-Encoding
x-amz-id-2: VzzomJVn+u9dtz1jtrGIwvF5O1v97hj801ekYU6nZOIl/9+pAYWeanLUX5X1rALcH7z3Vw4UweQ=
x-amz-request-id: 64QYCQKMF30QMEGW
x-cache: HIT
x-cdn: VDMS
content-length: 20206
X-Firefox-Spdy: h2
cdn.trustcommander.net/privacy/4898/privacy_v2_17.js
192.229.233.55200 OK 20 kB URL HTTP/2 cdn.trustcommander.net/privacy/4898/privacy_v2_17.js
IP 192.229.233.55:0
File type C source, Unicode text, UTF-8 text, with very long lines (65338)
Hash 94f63e9b85b2a4bf18f1bc7966ee002c
aa64e1122adf9a54b25ea93b7d3107b8bf03ebb4
dd12428b2a0d1e5366ecfc74afb7bf3fde6bac26881706aa4fc22bfc3e8824be
GET /privacy/4898/privacy_v2_17.js HTTP/1.1
Host: cdn.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
access-control-allow-methods: HEAD, GET
access-control-allow-origin: *
access-control-max-age: 31536000
age: 83555
cache-control: max-age=86400, must-revalidate
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:04 GMT
etag: "6978bbaf72d83ba73a4a4356819368c6+gzip"
last-modified: Fri, 01 Jul 2022 07:09:38 GMT
server: ECS (ska/F6FC)
vary: Accept-Encoding
x-amz-id-2: QrPbgkin7TlKRn62m6KKf/qP+VHnfq7RYM+r+cKBZZHZBe/9Spfp+N2/OsYC3csAit5sYR5GIxM=
x-amz-request-id: 8Z85Q2XFPADVW7TS
x-cache: HIT
x-cdn: VDMS
content-length: 20310
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/dkb-login.js?etag=5a289d688b0861053ca8bc8e245a44b8998daf50
103.50.162.157200 OK 10 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/dkb-login.js?etag=5a289d688b0861053ca8bc8e245a44b8998daf50
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (787)
Hash 634d4f19d429e7dfe01d381ce66ab4a6
d79ea49871f9124ca4dd4fb69552d52b0ef7e20e
3aca3740a1ea80dcefadaba0f60afda904a4c2c0dcebe0eb02b1aa679bc7ec13
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
fortinet Phishing
GET /dkb/assets/js/dkb-login.js?etag=5a289d688b0861053ca8bc8e245a44b8998daf50 HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10087
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/img/large.jpg
103.50.162.157200 OK 21 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/img/large.jpg
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.4 (Macintosh), datetime=2021:09:03 15:42:18], baseline, precision 8, 190x145, components 3\012- data
Hash ff5e0cc2326e40c56a35d8c39b7dbfa1
ab52498fc5b216e7f20d465e76c49882c6f96614
3d142d0841f4f025ec89d506a446d642de2d51444aa050fabfba9f5302f53ebf
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /dkb/assets/img/large.jpg HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
content-length: 21083
content-type: image/jpeg
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45
103.50.162.157404 Not Found 355 B URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0
GET /dkb/assets/js/product-global.js?etag=d711c9f78c6a7897c6b3ead8e0ca8a52c67c7b45 HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba; dtCookie=v_4_srv_-2D23_sn_4S46URAGVNU375HBQSI9HC61MIGQPF39; rxVisitor=1670229002320NL1143CBNIMC3A72C1FTTPFME8UE4ISG; dtPC=-23$429002315_116h1vUFRUUHPGIASJSFFPKDTTMHTQWSNITSIM-0e0; rxvt=1670230802328|1670229002323; dtLatC=565; dtSa=-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Tue, 09 Mar 2021 04:58:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/html
date: Mon, 05 Dec 2022 08:30:05 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d
103.50.162.157404 Not Found 355 B URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash cb50b952a1a41c3358018129e081d511
9b3ce22f173597240fd0c22ff649f3ffb9c6ea99
791b5cb893932898c350d1ec9888ee9c2feaea002431d12e9a1ba29331813be0
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/dkb-global.js?etag=55c3852cc4f6c1e93b1e71e743b434a28b2f2c0d HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba; dtCookie=v_4_srv_-2D23_sn_4S46URAGVNU375HBQSI9HC61MIGQPF39; rxVisitor=1670229002320NL1143CBNIMC3A72C1FTTPFME8UE4ISG; dtPC=-23$429002315_116h1vUFRUUHPGIASJSFFPKDTTMHTQWSNITSIM-0e0; rxvt=1670230802328|1670229002323; dtLatC=565; dtSa=-
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
last-modified: Tue, 09 Mar 2021 04:58:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 355
content-type: text/html
date: Mon, 05 Dec 2022 08:30:05 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/tc_NTZ_23.js
103.50.162.157200 OK 79 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/tc_NTZ_23.js
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9807c0b859e65a188bce3b92cda96081
58cc32c24df5779df756ea7d1aea0a48d20f4c20
e3a11a11ac6b5264c4b9b35e3c21def27ca860271848955f6a8da13771572ffb
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/tc_NTZ_23.js HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10578597.fls.doubleclick.net/activityi;src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch?
142.250.74.134200 OK 284 B URL HTTP/2 10578597.fls.doubleclick.net/activityi;src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (601), with no line terminators
Hash 6c7c5a9a630ddfee47964a08facb0cb2
5ca10c98b77d4a35e64ca53deb5c2b03e992911d
c69e04ff80f267c980f7772101736abcf3eccfc1370147de924283b20fc4b059
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /activityi;src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch? HTTP/1.1
Host: 10578597.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 284
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 16:19:20 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AqxHFiRzR8y6MuSGWbUHdFSfr4kJiGPduRd06ZvgI_pNqe14ST9vIQ==
Age: 58246
abhayintegratedservices.com/dkb/assets/js/tc_DKB_21.js
103.50.162.157200 OK 26 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/tc_DKB_21.js
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 28f67d65886ba4630a9b3a39c5e71e9a
7a6421ce58f3662717ed4d6533c0ed6ed9a40638
a4b0842e6c32f91215ee2accd681c428c71dbf50c0b08fe41eb361838867be4d
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/tc_DKB_21.js HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04.js
151.139.128.10301 Moved Permanently 0 B URL HTTP/2 cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04.js
IP 151.139.128.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /projects/a5c8723d-5b80-4b04-8df5-425eccf81a04.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 05 Dec 2022 08:30:05 GMT
accept-ranges: bytes
content-length: 0
location: https://cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04_eu.js
cache-control: max-age=86400
x-hw: 1670229005.cds205.sk1.hn,1670229005.cds226.sk1.c
x-hw-loc: https://cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04.js
access-control-allow-origin: *
X-Firefox-Spdy: h2
11236391.fls.doubleclick.net/activityi;src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php?
142.250.74.134200 OK 257 B URL HTTP/2 11236391.fls.doubleclick.net/activityi;src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (529), with no line terminators
Hash 62fc9bcb56f1bf485d21356ff447a84f
da46267a160ccae561bda4eb574f49a3477461b4
7902a07cf2e235898e94893a0f5c84ba6797f78ab71a03c2f365829e178af7af
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /activityi;src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php? HTTP/1.1
Host: 11236391.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:05 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 257
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bat.bing.com/bat.js
13.107.21.200200 OK 11 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Hash 22e2e3226eb5ada04929a2e43307eeda
04615fa88f80567974bdeb0f103ca5909746ebd7
41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11421
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=168E3067380A67080AA2221639FF66A6; domain=.bing.com; expires=Sat, 30-Dec-2023 08:30:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B165E9AFB06C4B2AAB12E28393CFEFE7 Ref B: OSL30EDGE0222 Ref C: 2022-12-05T08:30:05Z
date: Mon, 05 Dec 2022 08:30:05 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=12000009&Ver=2&mid=c3d8669b-d3d9-45d9-bf7f-d8b616a6f78f&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&r=http%3A%2F%2Flocalhost%2F%2Fdkb%2F<=402&evt=pageLoad&msclkid=N&sv=1&rn=61593
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=12000009&Ver=2&mid=c3d8669b-d3d9-45d9-bf7f-d8b616a6f78f&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&r=http%3A%2F%2Flocalhost%2F%2Fdkb%2F<=402&evt=pageLoad&msclkid=N&sv=1&rn=61593
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=12000009&Ver=2&mid=c3d8669b-d3d9-45d9-bf7f-d8b616a6f78f&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&r=http%3A%2F%2Flocalhost%2F%2Fdkb%2F<=402&evt=pageLoad&msclkid=N&sv=1&rn=61593 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2232E8A698DC6D8B0023FAD799296C70; domain=.bing.com; expires=Sat, 30-Dec-2023 08:30:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6D711FFAEB3F4A7392EB0FCABFFE390C Ref B: OSL30EDGE0222 Ref C: 2022-12-05T08:30:05Z
date: Mon, 05 Dec 2022 08:30:05 GMT
X-Firefox-Spdy: h2
static.ads-twitter.com/uwt.js
151.101.84.157200 OK 15 kB URL HTTP/2 static.ads-twitter.com/uwt.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
accept-ranges: bytes
date: Mon, 05 Dec 2022 08:30:05 GMT
x-served-by: cache-iad-kjyo7100147-IAD, cache-bma1666-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15375
X-Firefox-Spdy: h2
bat.bing.com/p/action/12000009.js
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/12000009.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/12000009.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=31B71C0E65E5613906E20E7F641060C5; domain=.bing.com; expires=Sat, 30-Dec-2023 08:30:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 57A8C85B03E1455CAB3C45BF4F3963C8 Ref B: OSL30EDGE0222 Ref C: 2022-12-05T08:30:05Z
date: Mon, 05 Dec 2022 08:30:05 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/action/0?ti=12000009&Ver=2&mid=711668cf-0224-4cb5-8390-2a7a110a4798&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&r=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php<=311&evt=pageLoad&msclkid=N&sv=1&rn=203848
13.107.21.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=12000009&Ver=2&mid=711668cf-0224-4cb5-8390-2a7a110a4798&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&r=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php<=311&evt=pageLoad&msclkid=N&sv=1&rn=203848
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=12000009&Ver=2&mid=711668cf-0224-4cb5-8390-2a7a110a4798&sid=7061087094e511ecaa802b0267ee9044&vid=7061177094e511ec8cfbf9903138312a&vids=0&uach=pv%3D10.0.0&pi=918639831&lg=en-US&sw=1920&sh=1080&sc=24&tl=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&p=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&r=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php<=311&evt=pageLoad&msclkid=N&sv=1&rn=203848 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2352E229FCAC68510292F058FD59696D; domain=.bing.com; expires=Sat, 30-Dec-2023 08:30:05 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ED72EA57F77F46DE8AF73658B4426F01 Ref B: OSL30EDGE0222 Ref C: 2022-12-05T08:30:05Z
date: Mon, 05 Dec 2022 08:30:05 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/332531362/?random=1645653114554&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2759999512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/332531362/?random=1645653114554&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2759999512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/332531362/?random=1645653114554&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2759999512&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/banking
103.50.162.157200 OK 22 kB URL HTTP/2 abhayintegratedservices.com/dkb/banking
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash ed7dc459abff940795825e91f0930791
e795e6589ba5af789e484a621a7c1029a23cfefe
2188dc2a1779000511773396ed315699cfb5443ed345ddd79a3cd040668aac0d
Analyzer Verdict Alert openphish Deutsche Kreditbank
fortinet Phishing
GET /dkb/banking HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 05 Dec 2022 08:30:00 GMT
server: Apache
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
set-cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba; path=/
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/ruxitagentjs_ICA2Vfhjqrux_10229211201102017.js
103.50.162.157200 OK 108 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/ruxitagentjs_ICA2Vfhjqrux_10229211201102017.js
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 108 kB (107523 bytes)
Hash 7258ab66f9d6c7c9c4eab51eab3f0c25
f224534511d67519da09f87b9d62e6dcd3ababb1
d462dc6603dd1f80923a3d08469c287dbbd02cd5131d6ea580b36f6c020e57f7
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
fortinet Phishing
GET /dkb/assets/js/ruxitagentjs_ICA2Vfhjqrux_10229211201102017.js HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04_eu.js
151.139.128.10200 OK 18 kB URL HTTP/2 cdn.mouseflow.com/projects/a5c8723d-5b80-4b04-8df5-425eccf81a04_eu.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (62675), with no line terminators
Hash fb7b912dd0eece3c7b6221e4b098672f
d409d6da6ca1599c985e7cb57f1dea5c1160667e
38a983a608253ff5147ebb6500241f1ec387af0b03167d3a56b61ca39d1292fd
GET /projects/a5c8723d-5b80-4b04-8df5-425eccf81a04_eu.js HTTP/1.1
Host: cdn.mouseflow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://abhayintegratedservices.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 08:30:06 GMT
cache-control: max-age=86400
content-encoding: gzip
content-length: 17575
content-type: application/javascript; charset=utf-8
last-modified: Mon, 28 Nov 2022 13:05:09 GMT
accept-ranges: bytes
etag: "8070dea2a3d91:0"
server:
x-hw: 1670229006.cds205.sk1.hn,1670229006.cds209.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b4c9bc834e851e84ac0f779a505ac0c6
f9746f1a2d68290ba8ba920ec78ecf1602f11eac
a3d9e104fbe02e14a43829a34689265973087658cbb9e7430ab03ed257b6e83f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
11236391.fls.doubleclick.net/activityi;src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch?
142.250.74.134200 OK 279 B URL HTTP/2 11236391.fls.doubleclick.net/activityi;src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (601), with no line terminators
Hash 0b4c6d73c71ebaf80481e089a2b21d34
471846ec6743613032a7826d278bfbc6d17a4247
075803723f862f57bdbbe271ba26e33513d1bb282f7883edb355dbb75f994323
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /activityi;src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch? HTTP/1.1
Host: 11236391.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 279
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 05-Dec-2022 08:45:06 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/img/170407_1024x1024_Logo_Banking_App.png
103.50.162.157200 OK 9.1 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/img/170407_1024x1024_Logo_Banking_App.png
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced\012- data
Hash 46fd8bc6e78fc8d4a40345174a261b91
3592e37d910a1be4dceedffb98c6694e6e79eb6d
b9c750ea19b6182aa8ec5272465dd30ad7785eb8af8e76d3338a50845d6fe0ec
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /dkb/assets/img/170407_1024x1024_Logo_Banking_App.png HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba; dtCookie=v_4_srv_-2D23_sn_4S46URAGVNU375HBQSI9HC61MIGQPF39; rxVisitor=1670229002320NL1143CBNIMC3A72C1FTTPFME8UE4ISG; dtPC=-23$429002315_116h1vUFRUUHPGIASJSFFPKDTTMHTQWSNITSIM-0e0; rxvt=1670230803178|1670229002323; dtLatC=565; dtSa=-; tCdebugLib=1; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPQJLLSJJMKOQZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; TCPID=12212183034058049892
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
content-length: 9134
content-type: image/png
date: Mon, 05 Dec 2022 08:30:06 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
abhayintegratedservices.com/dkb/assets/img/favicon.ico
103.50.162.157200 OK 242 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/img/favicon.ico
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type MS Windows icon resource - 5 icons, -64x-64, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size 242 kB (242142 bytes)
Hash b35d0dda49783541abcaab8f61083b76
af5c9c13f5c9de59ecfd9ad98b6f680c2114b438
b3e982ffba0784b0d1cc5541ce7f272b4a8a6540baab2a29880fb9295e6c741d
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /dkb/assets/img/favicon.ico HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba; dtCookie=v_4_srv_-2D23_sn_4S46URAGVNU375HBQSI9HC61MIGQPF39; rxVisitor=1670229002320NL1143CBNIMC3A72C1FTTPFME8UE4ISG; dtPC=-23$429002315_116h1vUFRUUHPGIASJSFFPKDTTMHTQWSNITSIM-0e0; rxvt=1670230803178|1670229002323; dtLatC=565; dtSa=-; tCdebugLib=1; tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPQJLLSJJMKOQZZZ%5D; tc_cj_v2_cmp=; tc_cj_v2_med=; TCPID=12212183034058049892
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 08:30:06 GMT
server: Apache
content-type: image/x-icon
content-length: 242142
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
cache-control: max-age=604800
expires: Mon, 12 Dec 2022 08:30:06 GMT
x-server-cache: false
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/css/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1
103.50.162.157200 OK 64 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/css/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9ae04d00c4a63eb663ff915ac3864277
ea60840cb5aeb81894e085f2893c24ab08953723
1a8746670ff68fd239e982215d67aa81cf38a0c99f71b35f0bdd92c958fffe83
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
fortinet Phishing
GET /dkb/assets/css/dkb-global.css?etag=9b9a5402bfdca7a80bdfde84cf57e86abb3d47e1 HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1004668939/?random=1645653114552&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=650492959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1004668939/?random=1645653114552&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=650492959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1004668939/?random=1645653114552&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=650492959&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/925186924/?random=1645653114561&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=43130083&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
status.thawte.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5ec31a65787cc77222f1312423476c4d
b3f18e8a2d79d9356b6344af74598eda6faa4830
49658c9cde8aa015f6c1464d67fec7c392c66b31459a783317f72c7b0a7d417f
POST / HTTP/1.1
Host: status.thawte.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5100
Cache-Control: max-age=129332
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Etag: "638cee56-1d7"
Expires: Tue, 06 Dec 2022 20:25:38 GMT
Last-Modified: Sun, 04 Dec 2022 19:00:38 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.google.no/pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/319309780/?random=1645653114559&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=357426888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/948238967/?random=1645653114556&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2554410908&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/948238967/?random=1645653114556&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2554410908&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/948238967/?random=1645653114556&cv=9&fst=1645650000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=6&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2F&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2554410908&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/319309780/?random=1645647994281&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3276304234&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/332531362/?random=1645647994275&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3805285054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0
15.197.193.217302 Found 762 B URL HTTP/2 insight.adsrvr.org/track/up?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0
IP 15.197.193.217:0
Hash 6431c80e2b4f31bc2f2fd85d9fd284e2
053e3afe786b5e9a51ff8cccfb796154e291e91e
f0a73d2f2f93f5f3ac299d0b0374b7ba71b714311d96e63cecc773e3b11f0685
GET /track/up?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 05 Dec 2022 08:30:05 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=c2d94fd0-3ea9-4aa5-9f24-9f7ef3c8c732; domain=.adsrvr.org; expires=Tue, 05-Dec-2023 08:30:05 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
216.58.207.226200 OK 261 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (528), with no line terminators
Hash 668d50e758e3fe422debaf911f319b2c
b331f11b2565e2cdbfbfbecd9d3e5fea688acdf8
f00c1ea3817693b49c8b3cd0083b8a68d144117ce60f8292ff03811e837b9549
GET /ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10578597.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 261
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
216.58.207.226200 OK 285 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (600), with no line terminators
Hash 1bcb4fbd5450fed01a24c42489f453ab
48db5720ccc901b853443098b6b9fe0a569a8df4
e947af7e8b1a0fa1b25a9a00cd180705e5577a92a9833e2b386a1eb8cbd28da9
GET /ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10578597.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 285
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
216.58.207.226200 OK 259 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (528), with no line terminators
Hash fe7de6b4391ee2f0be76d1db9c854831
c455db37d283f27c5c1b0b11db550f79e82b6d1e
bb35adaf2b9ceb62431ced3ed28dec8bd825112dc90deb83b7e6cbd8b418211f
GET /ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11236391.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 259
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
omd.commander1.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.9678217859653819
13.36.153.31200 OK 54 B URL HTTP/1.1 omd.commander1.com/dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.9678217859653819
IP 13.36.153.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 88dcd7871047159715d7f44b58f38d73
42fcfec12054feaca65da3fc6a821caef6fc701e
2b58eb0ca672e1bd4664d396ebdcbd97e51edbe64b682592125e79a7a58d3ab4
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /dc3/?chn=DIRECT_ACCESS&src=&type=C&limit=10&rand=0.9678217859653819 HTTP/1.1
Host: omd.commander1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 08:30:06 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Set-Cookie: tc_cj_v2=%5Ecl_%5Dny%5B%5D%5D_mmZZZZZZKPQJLLSJJPJJJZZZ%5D; expires=Tue, 05-Dec-2023 08:30:06 GMT; path=/; samesite=none; domain=omd.commander1.com; secure
Cache-Control: private, max-age=486000, pre-check=486000
Pragma: private
Expires: Sun, 05 Mar 23 09:30:06 +0100
Server: web
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www.google.no/pagead/1p-user-list/925186924/?random=1645647994284&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=1262035888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/925186924/?random=1645647994284&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=1262035888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/925186924/?random=1645647994284&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=1262035888&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/948238967/?random=1645647994287&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=2465770708&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1004668939/?random=1645647994279&cv=9&fst=1645646400000&num=1&bg=ffffff&guid=ON&u_h=1080&u_w=1920&u_ah=1040&u_aw=1920&u_cd=24&u_his=7&u_tz=120&u_java=false&u_nplug=5&u_nmime=2>m=2oa2g0&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch&ref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php&tiba=DKB%20-%20Deutsche%20Kreditbank%20AG%20-%20Internet%20Banking&async=1&fmt=3&is_vtc=1&random=3721248527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
abhayintegratedservices.com/dkb/assets/css/dkb_responsive.min.css?etag=656cf0e1
103.50.162.157200 OK 246 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/css/dkb_responsive.min.css?etag=656cf0e1
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 246 kB (246332 bytes)
Hash ea7739c7ba22276c6cd4c85349244734
1b55be3950775520ad7bc65b9d4b50f47d8a497d
409e91095557a5bc3408a7ae0a80e1fc291c39b5c97b07f2b475bcd2d0a36f8c
Analyzer Verdict Alert urlquery phishing Phishing - Deutsche Kreditbank
GET /dkb/assets/css/dkb_responsive.min.css?etag=656cf0e1 HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/tc_OMD_21.js
103.50.162.157200 OK 58 kB URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/tc_OMD_21.js
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 79ba1699b00d5f5f659696fe60f659fb
0577d43b56470c5aca041c3c37bef27ed37ffd8d
76dbdc5450c881e0edc671c081168494e8e83f2033807b1efe582e2187e18a92
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/tc_OMD_21.js HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 917d281ca22c901597795b51fd9df338
be0e026d76f26092edfc1f67ea98ddc4a539439a
5f47f5ac32d4c80f29c4a69a830ec9427dd0055fc57973f01f73ec22503cd30c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
privacy.trustcommander.net/privacy-consent/
15.188.116.68200 OK 43 B URL HTTP/1.1 privacy.trustcommander.net/privacy-consent/
IP 15.188.116.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
POST /privacy-consent/ HTTP/1.1
Host: privacy.trustcommander.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 144
Origin: https://abhayintegratedservices.com
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 08:30:06 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Cache-Control: private, max-age=486000, pre-check=486000
Pragma: private
Expires: Sun, 05 Mar 2023 08:30:06 GMT
Access-Control-Allow-Origin: https://abhayintegratedservices.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Vary: Origin
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5148006054972;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Mon, 05 Dec 2022 08:30:06 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10578597.fls.doubleclick.net/ddm/fls/r/src=10578597;type=invmedia;cat=dkb_f0;ord=2680592507673;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php;u2=;u3=1645653114;~oref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
142.250.74.162302 Found 0 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/i/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://10578597.fls.doubleclick.net/ddm/fls/r/src=10578597;type=invmedia;cat=dkb_f0;ord=3525461671540;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
142.250.74.162200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11236391;type=invmedia;cat=pagev0;ord=5767929539662;gtm=2od2g0;auiddc=1332618628.1645647370;u1=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch;u2=;u3=1645647994;~oref=http%3A%2F%2Flocalhost%2Fdkb%2Fbanking.php%3FsearchField%3D%26%2524event%3Dsearch HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Mon, 05 Dec 2022 08:30:06 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b01b16fb7e18301251b0a89703e5895a
5237d4cd06bcfc464411fe5cdceaf93d13dcbd83
944a7b4600d41a8ea2fa5acb7ecb8021ecafd9d736a10f968682b3d189b77783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b01b16fb7e18301251b0a89703e5895a
5237d4cd06bcfc464411fe5cdceaf93d13dcbd83
944a7b4600d41a8ea2fa5acb7ecb8021ecafd9d736a10f968682b3d189b77783
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 08:30:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion.js
216.58.207.194200 OK 17 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (2772)
Hash ac7574cbc5b2e85b7ddfa76b8657e59d
2bbeec5531576d6352b1c2b74e0e05c1ea10251d
bdf1e52afba9d671ea698707f97e8609de6360c502dc7b6eed2f40f979e08387
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10578597.fls.doubleclick.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 05 Dec 2022 08:30:06 GMT
expires: Mon, 05 Dec 2022 08:30:06 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16359567893097152046
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 16827
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.dwin1.com/11329.js
143.204.55.42200 OK 9.8 kB IP 143.204.55.42:0
Hash cbd4298dc1222c6b9684d7e11dce9d9b
153c26db7a62f408780229264160b71c70305c1c
d77571842bca475064715445795b7b497972acf9a96c9d7bdfcb4ecee4c4d2cd
GET /11329.js HTTP/1.1
Host: www.dwin1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
x-amz-replication-status: COMPLETED
last-modified: Thu, 01 Dec 2022 11:17:37 GMT
x-amz-version-id: Duo_QzqClah9nTjJerr037EmIODRjeBx
server: AmazonS3
content-encoding: gzip
date: Mon, 05 Dec 2022 08:22:36 GMT
cache-control: max-age=600, s-maxage=600
etag: W/"2806365c255022ce7e0b8c03fdda9d3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 8siVu7BanS8MLyhZa0_j0BFRbFBXnyzRzRi_B5m2yopj-YTsZoFnHA==
age: 450
X-Firefox-Spdy: h2
match.adsrvr.org/track/upb/?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0
15.197.193.217200 OK 0 B URL HTTP/2 match.adsrvr.org/track/upb/?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0
IP 15.197.193.217:0
GET /track/upb/?adv=zg5fhtv&ref=http%3A%2F%2Flocalhost%2F%2Fdkb%2Fbanking.php&upid=gvxg0zp&upv=1.1.0 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://abhayintegratedservices.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 08:30:06 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
abhayintegratedservices.com/dkb/assets/js/tc_DKB_27.js
103.50.162.157200 OK 0 B URL HTTP/2 abhayintegratedservices.com/dkb/assets/js/tc_DKB_27.js
IP 103.50.162.157:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Phishing
GET /dkb/assets/js/tc_DKB_27.js HTTP/1.1
Host: abhayintegratedservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://abhayintegratedservices.com/dkb/banking
Cookie: PHPSESSID=7ca51b69ed1ad5044b6a367930e2d5ba
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 22 Nov 2022 15:55:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Mon, 05 Dec 2022 08:30:03 GMT
server: Apache
X-Firefox-Spdy: h2