r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5545
Expires: Fri, 09 Dec 2022 06:02:14 GMT
Date: Fri, 09 Dec 2022 04:29:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3816
Expires: Fri, 09 Dec 2022 05:33:25 GMT
Date: Fri, 09 Dec 2022 04:29:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 04:08:17 GMT
content-type: application/json
age: 1292
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2899
Expires: Fri, 09 Dec 2022 05:18:08 GMT
Date: Fri, 09 Dec 2022 04:29:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AeUUgTeLubcBQMQeuu1XG92JIHADM+4dEGiPysYD4l74uhuDxvpsh+I/nTjpNAcbmGwdg1RZTOQ=
x-amz-request-id: 1M73Z5SNWRZH7X6J
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 03:48:10 GMT
age: 2499
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 04:29:49 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 04:07:59 GMT
age: 1310
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd55f4aaaab6ec40bc7dc10252cd819a
a72523f60be265a391fa9edc43e0a93418ad1fd0
bae354b3db14f4fd115311a0c412c9b5e436dd9e0a151afd8b9c18831dd8c2dd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: max-age=108871
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:49 GMT
Etag: "6391a92c-1d7"
Expires: Sat, 10 Dec 2022 10:44:20 GMT
Last-Modified: Thu, 08 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.42.148.177 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.42.148.177:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ju8X1/NWL9oHdaUwBXNzug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wfK93N2attlYyePYBVAcGHkSdX0=
gsicunnao.org.in/
162.144.90.192 301 Moved Permanently 0 B IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 09 Dec 2022 04:29:36 GMT
Server: Apache
X-Redirect-By: WordPress
Location: http://www.gsicunnao.org.in/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7b8c1870f03a90aac6370fc69516f95f
1e94fd7c9a2f9fe4867e21ab217879a2180a9cdb
f43702cd363447680d545d928f9ea6f997a770228108b4c9312999b76891bb38
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F43702CD363447680D545D928F9EA6F997A770228108B4C9312999B76891BB38"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6668
Expires: Fri, 09 Dec 2022 06:20:59 GMT
Date: Fri, 09 Dec 2022 04:29:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 3085
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 10:15:09 GMT
age: 65682
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9cb76c68a8cd472600106cc118067868
6cee6b1828c709f68b995197ca943a5c393f86fb
009d9ba19043b03b5aceeb80b69bf249f19a0a225bdbfef7ab8691669cb64130
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F884d1162-4377-487f-a056-b21117ef5001.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8204
x-amzn-requestid: cf54b5f8-ede8-49d5-aa56-5d9de98e3ab8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjtKfEiToAMFSXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af576-6ddfe35c0b31074d6a07076f;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:06:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UfqFAlLedF6ZkfbGXhyYDcvu0porNJb6LPaeQ8p4dqWqsFD6iRgWLw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 15:50:07 GMT
age: 45584
etag: "6cee6b1828c709f68b995197ca943a5c393f86fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 730ba1a8edb79ba6f83b46d1ba5aed7b
55a236fedf6f5f7ca2bb88ae13e20846a50fd36d
f8043e76265c59073d111987fd4c08d05a3ac80989af9269cca9ebcc21af4013
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf07b4f3-8986-4a9c-8c85-b126338852d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12748
x-amzn-requestid: edd028e3-c23e-4985-b12d-d3ebe760df47
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjuciEptIAMFj9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638af783-1c151eb66f590c9c0e0c4c82;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 07:15:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -y4-_OwHl5_OFykJYYZSqwIopjKoYy1MhaGTpVXd4Grq2EsUP2c3IA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 18:34:32 GMT
age: 35719
etag: "55a236fedf6f5f7ca2bb88ae13e20846a50fd36d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash eb00a2a503a690cee3e4dd729b5bc9bd
cfb1e5bcab2148a777889680e6e36b9d7e8917ec
7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 05:44:09 GMT
age: 81942
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5de5d319f43d9c9c641419d96655541f
cde4c7fa0145d3645af17e34c83c63c08f76a076
fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 07:15:07 GMT
age: 76484
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 40ed5ec0836e5a03f0c1347b5db96966
40a1f62afbf3c26ea40be6d287122f3ffd19870e
2fd03cac65cc434ddade13acacc1c68a2a4bbc557e3a03777ea20fdd6c91a441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5514
Cache-Control: max-age=101013
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:52 GMT
Etag: "63918bcb-117"
Expires: Sat, 10 Dec 2022 08:33:25 GMT
Last-Modified: Thu, 08 Dec 2022 07:01:31 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
104.17.24.14 200 OK 6.7 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.16.0/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (21084)
Hash 9e85c6f6521bceeccb3d9ba9149fef80
1e18137215b276bb9bda85ac311d9c8cd5b01985
913b850ee0b505bf6b957ecd04dd3aab13543c9047c46532ac27b0be31e206bc
GET /ajax/libs/popper.js/1.16.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:29:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 6696
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-5309"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1388852
expires: Wed, 29 Nov 2023 04:29:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLqbDAI%2BXPKbOCHsP1YSNx%2BRLSB4Bcksl0e5GuQPtDkeAizatfzjdgez73gb5osjsptAPIOCTk9ThBCk7hME%2BLLEc4tahH3UGwrPbPR2e1sZxqOR526NFYMUVpVUEFTdBhQeyJiD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 776b00959f91b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.170 200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 06:48:11 GMT
expires: Thu, 07 Dec 2023 06:48:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
age: 164501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
104.18.10.207 200 OK 25 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css
IP 104.18.10.207:0
File type ASCII text, with very long lines (65324)
Hash 370d14921f5636647eb1691a2be975ee
97e742c16b2c50722a9fa2c80ed9be67165bab51
532a9eb3edb2c291e908f4a4a7df3538ff82980cbc12d8a2e243fbba6b9ae59e
GET /bootstrap/4.4.1/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:29:52 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/03/2021 15:16:56
cdn-edgestorageid: 601
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-proxyver: 1.0
cdn-status: 200
cdn-requestid: 56c78c6fab4202e1d33cd4e5b8fa2829
cdn-cache: HIT
cf-cache-status: HIT
age: 16004388
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776b0095bf910b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 4e3dc85fd71bdb106039966a96cdd02b
53d3487232ddcac30b53c224c94e63571633e5af
d0a3a292876b50c590a3fa6c04d3471a6fb726c54f57e75c21f2e1bd45424ace
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1
151.101.193.229 301 Moved Permanently 0 B URL HTTP/1.1 cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1
IP 151.101.193.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 0
Server: Varnish
Retry-After: 0
Location: https://cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1
Accept-Ranges: bytes
Date: Fri, 09 Dec 2022 04:29:53 GMT
X-Served-By: cache-bma1646-BMA
X-Cache: HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
142.250.74.106 200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext
IP 142.250.74.106:0
Hash 7d5978eb65ebf46f535000aeb7b83d11
d64c84281e4ca0605a4f4cc201edd15c2328a7f7
fffe03db40fdc7db46668277add134eb4886f80caa9faf08b9ca8360908e3ebd
GET /css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Dec 2022 04:29:53 GMT
Date: Fri, 09 Dec 2022 04:29:53 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Cabin+Sketch%3Aregular%2C700%7CRubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CSacramento%3Aregular%7CRozha+One%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1
142.250.74.106 200 OK 1.5 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Cabin+Sketch%3Aregular%2C700%7CRubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CSacramento%3Aregular%7CRozha+One%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1
IP 142.250.74.106:0
Hash 62f1722c91a45d4407a9c720dce8b8dc
4ea625cf4174430fcde3bd1b1a9c139df6dcd1c6
7b02d4f6db3463c427e9cce52f2d56d0810b3a7271016b1138455b889abfdfec
GET /css?family=Cabin+Sketch%3Aregular%2C700%7CRubik%3A300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C700%2C700italic%2C900%2C900italic%7CSacramento%3Aregular%7CRozha+One%3Aregular%7CPoppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 09 Dec 2022 04:29:53 GMT
Date: Fri, 09 Dec 2022 04:29:53 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1
151.101.193.229 200 OK 2.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1
IP 151.101.193.229:0
File type ASCII text, with very long lines (6498), with no line terminators
Hash b337d87a81b4df63d2f1798a60bb4769
af3947f6fa2f8497f004546583bd6f223a3305a1
161b8d5632d06c7d1faca533a644dedb8b0338059482116a6d7d73ebc0c02fca
GET /npm/es6-promise@4/dist/es6-promise.auto.min.js?ver=6.1.1 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.gsicunnao.org.in/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.2.8
x-jsd-version-type: version
etag: W/"1962-NLNASu4jwzBScgHcLDtueKdlX1E"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 09 Dec 2022 04:29:53 GMT
age: 35876
x-served-by: cache-fra-eddf8230035-FRA, cache-bma1672-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2487
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash f5eabe6a0ab4af70c46388096d85765b
bbc3adc839b79b4ac5ae4d776ad8b7787a443f14
8e7b540e51ee755a6caf286556bc56af81ac1fdd2fa361e1d908e9fbfddcf829
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "187EAA1C5BABE5C9F25911A34FC8F8537CD8EF53"
Expires: Fri, 09 Dec 2022 15:00:00 GMT
Last-Modified: Fri, 09 Dec 2022 03:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1472
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776b00971c15b4f9-OSL
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/deprecated-style.min.css?ver=2.5.6
162.144.90.192 200 OK 1.7 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/deprecated-style.min.css?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1708), with no line terminators
Hash 399cb7bd20da23e0c16859fe3bcc0cc0
917e2ac8e3d11fb6eb3e104564076f743b2cb27c
6ea13741aecc9bba40c8b94e78efe045d05ec90f44fcc333776ef00b84d3c130
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/css/deprecated-style.min.css?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:40 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 1708
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/slick.min.css?ver=2.5.6
162.144.90.192 200 OK 1.3 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/slick.min.css?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1327), with no line terminators
Hash da4e146913da6966d85a6b8686886edb
03a28dac9dfc6c33e6175c9c185911c56525d31b
fb3ed351cd5c0f1f30f88778ee1f9b056598e6d25ac4fdcab1eebcd8be521cd9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/css/slick.min.css?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:40 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 1327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-includes/css/classic-themes.min.css?ver=1
162.144.90.192 200 OK 217 B URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/css/classic-themes.min.css?ver=1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:40 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2022 11:41:22 GMT
Accept-Ranges: bytes
Content-Length: 217
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/font-awesome.min.css?ver=2.5.6
162.144.90.192 200 OK 29 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/font-awesome.min.css?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (28900)
Hash bb53ad7bffecc0014d64553e96501dce
7cd5a3384333f95c3d37d9488ad82cd6c4b03761
7bc15c522a05ce0e56b8cb3fff83bc6e770130afdd840d469869db69663d78fe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/css/font-awesome.min.css?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:40 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 29062
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/style.min.css?ver=2.5.6
162.144.90.192 200 OK 4.0 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/style.min.css?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4020), with no line terminators
Hash c7eec7a0dec0373873581a8d4a9db793
fb1978351fb7b230d0543b3dfc6381bef690d710
248ce97201b935106698d0c4caecb2ce9d8725a935016137be498c97d75920b9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/css/style.min.css?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 4020
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
162.144.90.192 200 OK 11 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash 79b4956b7ec478ec10244b5e2d33ac7d
a46025b9d05e3df30d610a8aef14f392c7058dc9
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Wed, 18 Nov 2020 09:06:06 GMT
Accept-Ranges: bytes
Content-Length: 11224
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
162.144.90.192 200 OK 95 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (47826)
Hash 71d925864153f0edf91037f3d31048e8
cc16a0524ac63b5ce29f703a66412224f0dd771a
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:40 GMT
Server: Apache
Last-Modified: Wed, 16 Nov 2022 00:29:53 GMT
Accept-Ranges: bytes
Content-Length: 94889
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.1.1
162.144.90.192 200 OK 1.7 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 92dc42790a6d4f5f3b673548025baa03
dad0f904f6e712b00004203c93e1c421491cf21b
6c1510ef35e8322bf3c09c53aa955cd3b0a9e5ac65d15dd518c84ffc4b511c9f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/js/recaptcha.js?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:40 GMT
Accept-Ranges: bytes
Content-Length: 1696
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
162.144.90.192 200 OK 20 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19592), with no line terminators
Hash c8ce216c05853f04763304f892d6847d
832325b0028585ad71ee4db8e5a3fe31cdfca0b7
d69df684f52edd9ddf9993720ac1a6fbe5e644b4c469e0aa6fd3a1902c299030
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Sun, 13 Nov 2022 09:18:49 GMT
Accept-Ranges: bytes
Content-Length: 19592
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-includes/css/dashicons.min.css?ver=6.1.1
162.144.90.192 200 OK 59 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/css/dashicons.min.css?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (58981)
Hash d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dashicons.min.css?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Wed, 03 Mar 2021 21:16:22 GMT
Accept-Ranges: bytes
Content-Length: 59016
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/css/foogallery.min.css?ver=2.2.7
162.144.90.192 200 OK 102 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/css/foogallery.min.css?ver=2.2.7
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Size 102 kB (101934 bytes)
Hash f7badbc9215ec5656a0cd5ab97992f3e
77ed307cc91942ad828f7b2cf6f412cefdbc32d2
b9395b831f938989f1540afdb615c97f0d993a4c39b08358439f28c4e2079a99
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/foogallery/extensions/default-templates/shared/css/foogallery.min.css?ver=2.2.7 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:03:46 GMT
Accept-Ranges: bytes
Content-Length: 101934
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
162.144.90.192 200 OK 90 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65447)
Hash 17738318d61d394f1de8890d589afaec
f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2022 11:41:22 GMT
Accept-Ranges: bytes
Content-Length: 89684
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/
162.144.90.192 200 OK 64 kB IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 660d2243b3c1c1aa917418723e961d4c
3fe5f140ad5fb3c03b203d692c4dfe62f4936dcf
a685402cdf909ee5477e463ada166e05a5dd86a85fcc9127f2e5e195366b40a0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:38 GMT
Server: Apache
Link: <http://www.gsicunnao.org.in/wp-json/>; rel="https://api.w.org/", <http://www.gsicunnao.org.in/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <http://www.gsicunnao.org.in/>; rel=shortlink
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
www.gsicunnao.org.in/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
162.144.90.192 200 OK 4.2 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (4186), with no line terminators
Hash ea958276b7de454bd3c2873f0dc47e5f
b143f6e8e8f79d8f104c26b0057ef5514d763219
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Fri, 07 Jun 2019 20:45:02 GMT
Accept-Ranges: bytes
Content-Length: 4186
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
162.144.90.192 200 OK 11 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11256), with no line terminators
Hash 2b0dd7eecea03b4bdedb94ba622fdb03
703becba85161118dd6fc66af465428ef43f561c
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 29 Sep 2020 15:53:06 GMT
Accept-Ranges: bytes
Content-Length: 11256
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/js/common.js?ver=4.3.4
162.144.90.192 200 OK 1.4 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/js/common.js?ver=4.3.4
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 82b34a0f20682b94458a89521a92c7ca
cd97bdd72c8f7ca65a37ea7d78ff71580633169a
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/js/common.js?ver=4.3.4 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:40 GMT
Accept-Ranges: bytes
Content-Length: 1360
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/js/sp-slick-active.min.js?ver=2.5.6
162.144.90.192 200 OK 1.8 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/js/sp-slick-active.min.js?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1813), with no line terminators
Hash b2af468d86ebb0bbb122256ba2f0a28c
de5f4f32df2318eebea2f5192f5c5c8155ccf0d7
9622c03a42c68b4f713987fb95f1524c9100286c4acd262d12d99a14af4108cc
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/js/sp-slick-active.min.js?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 1813
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/js/slick.min.js?ver=2.5.6
162.144.90.192 200 OK 50 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/js/slick.min.js?ver=2.5.6
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (50539), with no line terminators
Hash 26a3736a33e8222d690b91b84745a9c0
b1dc6ba65962b7426d184840375750675cbe4e57
ff9584b36f641e4bec5417690a48ce3390b4cfedec6613b3b909dc8406e5a5e5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/js/slick.min.js?ver=2.5.6 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 50539
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
162.144.90.192 200 OK 1.2 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1191), with no line terminators
Hash 51300497928562f8c86c7aaba99237cd
e5826832b85c6afc6502b74cbb8ac5394b04c363
6d161e98e47ae150b51211443eef37040fb6269dcf85ad2048548066dca99e6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelement-migrate.min.js?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Fri, 08 Apr 2022 20:07:18 GMT
Accept-Ranges: bytes
Content-Length: 1191
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
162.144.90.192 200 OK 19 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 32beb68a374e3aeac00abdf9e12b84ea
b5d18aa625e8696dd9d07cd0869337717b211ae0
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 12 Apr 2022 05:56:23 GMT
Accept-Ranges: bytes
Content-Length: 18617
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
162.144.90.192 200 OK 906 B URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (906), with no line terminators
Hash 2c6d3b562a48e0df5474999dd47e58fb
945220e990eb176c14e53cc663fb01e04e31b59f
3e6131330963c472b950b8aaf544ba3829735b8ccb103d614ba7793e3a786550
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/wp-mediaelement.min.js?ver=6.1.1 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Wed, 20 Jan 2021 13:35:18 GMT
Accept-Ranges: bytes
Content-Length: 906
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/themes/Divi/style.css?ver=4.3.4
162.144.90.192 200 OK 782 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/style.css?ver=4.3.4
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (64513)
Size 782 kB (782417 bytes)
Hash d302207420796db40667a46f73215f03
14e726e4dbd2178a02b3d2f5a0b5ae94c5b6bd3e
d2a6813bc787e0c8fff61b535b98d68e2a4155902217a0963c5a6e3c9f923fe0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/style.css?ver=4.3.4 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:39 GMT
Accept-Ranges: bytes
Content-Length: 782417
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash b5cba4e1962a1fe17c9021f3e418975a
01293d7e4084011451f7d17936ab2427504cdb1a
ecfe30d3abc32ca9f933303d75b2055642d3c7c8197af08fe2c314394699594b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227 200 OK 8.0 kB URL HTTP/1.1 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8000
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 02:03:57 GMT
Expires: Fri, 08 Dec 2023 02:03:57 GMT
Cache-Control: public, max-age=31536000
Age: 95158
Last-Modified: Wed, 27 Apr 2022 16:59:07 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2
216.58.207.227 200 OK 18 kB URL HTTP/1.1 fonts.gstatic.com/s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18176, version 1.0\012- data
Hash bb35a7e4ed935bd3e56eaa8aabe2a268
b6f2b6682f7188b44b32b77475d8a8d9461b9e39
a59c71d6d0228815b82ac65ea344a928cc80d684fc5aa74cf1088b4f1d869aff
GET /s/rozhaone/v13/AlZy_zVFtYP12Zncg2kRcn35.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 18176
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 07 Dec 2022 20:28:27 GMT
Expires: Thu, 07 Dec 2023 20:28:27 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 15:29:25 GMT
Content-Type: font/woff2
Age: 115288
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_02-1.png
162.144.90.192 200 OK 641 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_02-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash e7500030674a481e009f8f508026ec2a
e16b2e1f810c9c5eac4137b9b0af84e7324fa864
b0ead6a534ec385bef7c3bb15043266b9fdb3491809016ecd40190095974e92b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_02-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:35 GMT
Accept-Ranges: bytes
Content-Length: 641
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_01-1.png
162.144.90.192 200 OK 805 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_01-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash 72828bcd7ff3f5355e290aeee10226f4
9b5255d2180272ba021e3ac7700bf1f9100f024d
80d3836284e45869a97e51f81879cb2001138e511448029fb0df1858192329e0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_01-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:35 GMT
Accept-Ranges: bytes
Content-Length: 805
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 05 Dec 2022 19:26:03 GMT
Expires: Tue, 05 Dec 2023 19:26:03 GMT
Cache-Control: public, max-age=31536000
Age: 291832
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227 200 OK 34 kB URL HTTP/1.1 fonts.gstatic.com/s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34112, version 1.0\012- data
Hash c21e7acd53a6d80fa451f1af92d9a492
4096e12b96fa2549e4f169044a49b6ec60214008
6a0d96c353719068401ebbedf7f58e3be1232756327243922b6ab9690a3591bd
GET /s/rubik/v23/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 34112
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 01:15:16 GMT
Expires: Fri, 08 Dec 2023 01:15:16 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 07 Dec 2022 18:11:50 GMT
Content-Type: font/woff2
Age: 98079
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_03-1.png
162.144.90.192 200 OK 647 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_03-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash 993a988b1f6c1ba53803c1cd0b3ae80c
7330a162263728f099a0f0ed20dd30e411824418
5200abaf31c5896f0fe275e94f88b739123e2a0c3df01f8602a5e62a818330cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_03-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:40 GMT
Accept-Ranges: bytes
Content-Length: 647
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/cabinsketch/v19/QGY2z_kZZAGCONcK2A4bGOj0I_1Y5tjz.woff2
216.58.207.227 200 OK 135 kB URL HTTP/1.1 fonts.gstatic.com/s/cabinsketch/v19/QGY2z_kZZAGCONcK2A4bGOj0I_1Y5tjz.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 135376, version 1.0\012- data
Size 135 kB (135376 bytes)
Hash eea015f6d707a93d55080ca68faf7a44
d20219f4d08bd0f9323b6c39f14bfe199db9b038
5b1ad02715a39f758061673f2c39631e1d256f6b5d865355fc63a785f40f399a
GET /s/cabinsketch/v19/QGY2z_kZZAGCONcK2A4bGOj0I_1Y5tjz.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 135376
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 06 Dec 2022 20:55:37 GMT
Expires: Wed, 06 Dec 2023 20:55:37 GMT
Cache-Control: public, max-age=31536000
Age: 200058
Last-Modified: Thu, 21 Apr 2022 16:29:32 GMT
Content-Type: font/woff2
www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
162.144.90.192 200 OK 158 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65266)
Size 158 kB (158005 bytes)
Hash e53ec3d6e21be78115810135f5e956fe
523892839b88351523e0498ba881c4431197b54e
b15c3ea03d50c2430490e7416733a254feea4237bb60b54181bd3473ebe4149f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/mediaelement/mediaelement-and-player.min.js?ver=4.2.17 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Thu, 03 Nov 2022 11:41:22 GMT
Accept-Ranges: bytes
Content-Length: 158005
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/themes/Divi/js/custom.unified.js?ver=4.3.4
162.144.90.192 200 OK 400 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/js/custom.unified.js?ver=4.3.4
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (25123)
Size 400 kB (400013 bytes)
Hash 1d58cf7cdf26f33f8c363528885abe5a
271a89bcae69ad1950e7eec42f030460dce7cd28
afcef71a50222e93d96de220c604d9f73dab1d419689d7f44c532d0a4ffb5dbb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/js/custom.unified.js?ver=4.3.4 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:41 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:40 GMT
Accept-Ranges: bytes
Content-Length: 400013
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/js/foogallery.min.js?ver=2.2.7
162.144.90.192 200 OK 125 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/js/foogallery.min.js?ver=2.2.7
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65292), with CRLF line terminators
Size 125 kB (125318 bytes)
Hash b6ba05c6baa0baa3840be9d691618722
743989768a5e3541e60a419d4c07571a265b7a68
b66e9dddc748dac43e2fb52472c088881d435798cb1fe899bef7e7a4a8551e40
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/foogallery/extensions/default-templates/shared/js/foogallery.min.js?ver=2.2.7 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:03:46 GMT
Accept-Ranges: bytes
Content-Length: 125318
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/img/icons.svg
162.144.90.192 200 OK 9.0 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/img/icons.svg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (636), with CRLF line terminators
Hash e2bcc8536d946b613867b8e9565a1558
ef0c75b3e003afc55cecf6c9f1253c1cbcbb99b2
c8f7c1bf37afd5f5b582acdfe460876a60324c65f6fa1fe74f711ec5b9666ff8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/foogallery/extensions/default-templates/shared/img/icons.svg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gsicunnao.org.in/wp-content/plugins/foogallery/extensions/default-templates/shared/css/foogallery.min.css?ver=2.2.7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:03:46 GMT
Accept-Ranges: bytes
Content-Length: 9005
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d28556.73881205045!2d80.44635772705078!3d26.533232048315384!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x399c15a25061f3a5%3A0x187b6a64c0c010ce!2sA.S.H.A.%20NGO%20UTTAR%20PRADESH!5e0!3m2!1sen!2sin!4v1655235571163!5m2!1sen!2sin
142.250.74.164 200 OK 1.6 kB URL HTTP/2 www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d28556.73881205045!2d80.44635772705078!3d26.533232048315384!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x399c15a25061f3a5%3A0x187b6a64c0c010ce!2sA.S.H.A.%20NGO%20UTTAR%20PRADESH!5e0!3m2!1sen!2sin!4v1655235571163!5m2!1sen!2sin
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3178)
Hash 5b03d93c418c0234483b7de5d5d28a67
3d0777969d24a5ad78371d4017d5fd6d2b4988a3
db9c9f51dd4893b3375f11f1487938de4e9faf21c7e0debcd4bc25e17603a90e
GET /maps/embed?pb=!1m18!1m12!1m3!1d28556.73881205045!2d80.44635772705078!3d26.533232048315384!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x399c15a25061f3a5%3A0x187b6a64c0c010ce!2sA.S.H.A.%20NGO%20UTTAR%20PRADESH!5e0!3m2!1sen!2sin!4v1655235571163!5m2!1sen!2sin HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Fri, 09 Dec 2022 04:29:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-CprWqjIP6q67pHtSsfuFAQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 1554
x-xss-protection: 0
server-timing: gfet4t7; dur=173
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM-1.jpeg
162.144.90.192 200 OK 192 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM-1.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x721, components 3\012- data
Size 192 kB (191889 bytes)
Hash c14bf192ac0e55bdc4a47a7d90188d20
188b26b6dbe78870ab1ef0bcc109a12d5e07a67a
39c240aa051c0f9b00caa09e2470860a9fbfd2edd99239395da65b89f45b5ec5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM-1.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 13:04:35 GMT
Accept-Ranges: bytes
Content-Length: 191889
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a0905812e8498e6c5c0a9b4b584b972f
039b784fd1e0152ec7f49a54ba027f0b2bd1e833
ee3531ef0f334dcd73a86b1e4365a020d5db69ff7b82bad136eaf1a8e9d3b47f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gsicunnao.org.in/wp-content/uploads/2022/06/gauri.png
162.144.90.192 200 OK 4.8 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/gauri.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 384 x 61, 8-bit/color RGBA, non-interlaced\012- data
Hash 3151e5501f4f95c260320d453eb73ba4
28df9ff5941d99b718cfe33710a59f148865c437
de08774505cf42546d026bff9690dfc6490b7d403e9eadb82e3fa6620a9d34c6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/gauri.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:14:23 GMT
Accept-Ranges: bytes
Content-Length: 4840
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_04-1.png
162.144.90.192 200 OK 846 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_04-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash 9af93eb2b49971f1978f108705d70c33
c2595fe355de996d9318447ac9c2cec3c9952f83
16803e1cb182c11c2f2bced74598c944326bb5272e1599d380cb48ce5a263bcc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_04-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:40 GMT
Accept-Ranges: bytes
Content-Length: 846
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_05-1.png
162.144.90.192 200 OK 620 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_05-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash efb75ecb88047095bd0c36b21a95cdda
43c59de780645af31541fc8f5c469174fd2b1197
2807edc52f43a730f6dc3003debc61a8272fe42ff6d0c8bc94dda01e63c6223a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_05-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:40 GMT
Accept-Ranges: bytes
Content-Length: 620
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_06-1.png
162.144.90.192 200 OK 726 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/tele-health-care_icon_06-1.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 76, 8-bit colormap, non-interlaced\012- data
Hash 678a32dcce3bd36d38f044f14454ceb1
a2d9e3205d561ac8f671e371d90f966a19ccaa55
4544ace99eb8433f7b9c3b156b08236b1698983b3c0af26aed9b251ab801c15d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/tele-health-care_icon_06-1.png HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:52:40 GMT
Accept-Ranges: bytes
Content-Length: 726
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.20-PM-120x120.jpeg
162.144.90.192 200 OK 4.4 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.20-PM-120x120.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 120x120, components 3\012- data
Hash 626c8f79f4a488304c8ca4884a5b2f63
8e87d878c3b8ea0977ac366e5a571afc92753e63
af7b5bc9bfaf17f32417db3e3946f59cb90252513614d2b74297d1df023e6b9d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.20-PM-120x120.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 12:59:25 GMT
Accept-Ranges: bytes
Content-Length: 4422
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-05-20-at-10.59.05-AM-360x270-1-360x250-1.jpeg
162.144.90.192 200 OK 24 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-05-20-at-10.59.05-AM-360x270-1-360x250-1.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 360x250, components 3\012- data
Hash 88b0f31620e5d8d52cb7e9436268040e
c8f35d2ca1407230dad0e6b47406d4175ef18a20
0147a73a3f7eecbfe6aa949aea9497a4adecd637b878c00b074468ac271f679c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-05-20-at-10.59.05-AM-360x270-1-360x250-1.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 13:24:43 GMT
Accept-Ranges: bytes
Content-Length: 24282
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.gsicunnao.org.in/wp-content/uploads/2022/06/wp-1572177920982-400x250-1.jpg
162.144.90.192 200 OK 44 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/wp-1572177920982-400x250-1.jpg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 400x250, components 3\012- data
Hash dca48945e83f373c931185f845d67342
cb35e2191ea9c9c5cfeb4aa0a1c32f39348c4c24
c0af27c16ea0b67fdced5b12be41c4026c3ca1f7069903cf683e335c250d68ec
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/wp-1572177920982-400x250-1.jpg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 13:25:15 GMT
Accept-Ranges: bytes
Content-Length: 43555
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
142.250.74.99 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/3/init_embed.js
IP 142.250.74.99:0
File type ASCII text, with very long lines (2669)
Hash 670da89542ecf04a8bbff2049748654f
2fcd2c31427edfd9b3180e233a009677b0d88973
d1bdcacb4973ce7c60a0f59144bf6fb699eea4fc016ca1780cdf61dbd9efb3bc
GET /maps-api-v3/embed/js/51/3/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69327
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 20:12:25 GMT
expires: Thu, 07 Dec 2023 20:12:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 05 Dec 2022 18:55:12 GMT
content-type: text/javascript
age: 116250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 8f6ab0debac98d11413e20fa98ba8286
e63543ba0f3a685edf4d8fee3f587efd5417015f
fe6bc081b1963c61a3af1ab7b7b1213ae5bc7b962c5474d8f6fe123547d5d309
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM.jpeg
162.144.90.192 200 OK 192 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x721, components 3\012- data
Size 192 kB (191889 bytes)
Hash c14bf192ac0e55bdc4a47a7d90188d20
188b26b6dbe78870ab1ef0bcc109a12d5e07a67a
39c240aa051c0f9b00caa09e2470860a9fbfd2edd99239395da65b89f45b5ec5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.29-PM.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 13:00:09 GMT
Accept-Ranges: bytes
Content-Length: 191889
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
104.18.10.207 200 OK 18 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP 104.18.10.207:0
File type ASCII text, with very long lines (59729)
Hash 60f43203985dbff2b5c34089173afa35
fb37b85edc3a9828c3d0e7396161baf88e5a058b
5d9ad991b75fb80f8ca9c165cc535d47a40f8e4d946fdc8c6f9e214c52442c2a
GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 04:29:52 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 2021-04-23 06:31:47
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 316dd8dc4548c84c5ed62b2e7265e1a2
cdn-cache: HIT
cf-cache-status: HIT
age: 18670484
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776b0095bf900b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/fonts/modules.ttf
162.144.90.192 206 Partial Content 84 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/fonts/modules.ttf
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 74e22b385c01d54822af850395929981
c3d212eb32b8ba77ecf4b134618febdc64654960
283f80fe53d62284568eb1d4bb95d163effe61a09d878d37545d87da904f738a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/themes/Divi/style.css?ver=4.3.4
Range: bytes=8446-
If-Range: Tue, 14 Jun 2022 09:02:40 GMT
HTTP/1.1 206 Partial Content
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:40 GMT
Accept-Ranges: bytes
Content-Length: 83954
Content-Range: bytes 8446-92399/92400
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/ttf
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.26-PM.jpeg
162.144.90.192 200 OK 179 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.26-PM.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x721, components 3\012- data
Size 179 kB (179155 bytes)
Hash 9986f953f831e3eae7753dcd35f01276
055e648c39bb556dd754684164e912d7c7ca03da
944fc2fb9463b2b35819d9884147b253020ad9246e3f176bfaee64e861b41cde
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.26-PM.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 12:59:49 GMT
Accept-Ranges: bytes
Content-Length: 179155
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mrpickarchalpur.org.in/wp-content/uploads/2022/06/shapes-bg-color.png
162.144.90.192 200 OK 36 kB URL HTTP/1.1 mrpickarchalpur.org.in/wp-content/uploads/2022/06/shapes-bg-color.png
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1920 x 1447, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f6be67a510f7d917362cfebd97db0fa
dd9ca9a9101523bdb90e26a8451a8d538e7811f4
dd30adeb70336e3b71435d0bca7e9cec7a08afbaebba12162451d260601f6466
GET /wp-content/uploads/2022/06/shapes-bg-color.png HTTP/1.1
Host: mrpickarchalpur.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Sun, 05 Jun 2022 10:39:38 GMT
Accept-Ranges: bytes
Content-Length: 35683
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.28-PM.jpeg
162.144.90.192 200 OK 202 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.28-PM.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1600x721, components 3\012- data
Size 202 kB (202045 bytes)
Hash 14f445137192699f7e07aa48c7ee833f
25bdb91be607f769308bd22d57f7c377cc6560a5
de5dfb2371a2e03a920ded1c7108f243da06767a14a8850a5a3ba28005f78da8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.28-PM.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 13:00:02 GMT
Accept-Ranges: bytes
Content-Length: 202045
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
162.144.90.192 200 OK 72 kB URL HTTP/1.1 www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/fonts/fontawesome-webfont.woff2?v=4.6.3
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 71896, version 4.393\012- data
Hash e6cf7c6ec7c2d6f670ae9d762604cb0b
97e438cc545714309882fbceadbf344fcaddcec5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/testimonial-free/src/Frontend/assets/fonts/fontawesome-webfont.woff2?v=4.6.3 HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/plugins/testimonial-free/src/Frontend/assets/css/font-awesome.min.css?ver=2.5.6
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:04:36 GMT
Accept-Ranges: bytes
Content-Length: 71896
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff2
mrpickarchalpur.org.in/wp-content/uploads/2022/06/jess-watters-483666-unsplash.jpg
162.144.90.192 200 OK 82 kB URL HTTP/1.1 mrpickarchalpur.org.in/wp-content/uploads/2022/06/jess-watters-483666-unsplash.jpg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1041, components 3\012- data
Hash 5ddef7d2d677df414c4966f64674f873
18482a8db03b756456eca6058ffe77f62943621c
dec39bc318e1e177c6b75285c455f66c4b2c1b8d561b9082fa6a57a64f8fd3e7
GET /wp-content/uploads/2022/06/jess-watters-483666-unsplash.jpg HTTP/1.1
Host: mrpickarchalpur.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:43 GMT
Server: Apache
Last-Modified: Sun, 05 Jun 2022 10:39:55 GMT
Accept-Ranges: bytes
Content-Length: 82276
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:56 GMT
Last-Modified: Fri, 09 Dec 2022 03:28:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_GB/sdk.js
157.240.221.16 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash cf8c94606cecdc68db68ea3d8f5e5b25
f1502ebbf6a2aeee69c329a1342c29cda5f85176
a69b9a95d7cbcdc4eb0559623a6fd890aa5b5b785ddde99116f6e1d0d25e2cd6
GET /en_GB/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 53543c62166b8ed7b10203c1cbcc7f43
etag: "a0959da0ee1e43e5930d657bb2d66572"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 09 Dec 2022 04:42:31 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: z4yUYGzs3GjbaOo9j15bJQ==
x-fb-debug: TV7EBR4GVpRANPEDImt9tGoxQTCiOsxS/pWNzAZN9Ri89UcMEdDMtLhF7AkDia1PXOzia/2hzykNtPE9ISCF1w==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 04:29:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:56 GMT
Last-Modified: Fri, 09 Dec 2022 03:28:03 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_GB/sdk.js?hash=94c5b6bc1451ed1daf317dfb4c215315
157.240.221.16 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_GB/sdk.js?hash=94c5b6bc1451ed1daf317dfb4c215315
IP 157.240.221.16:0
File type ASCII text, with very long lines (13192)
Hash 27146058c06783e61dffab6fd6d6a77c
ee625b6e1baeb6c1e021b6bc7c522e4cebd5b41b
f39a428bd907128af41444eb8591a9f582ec6670cbbb705bae546325ae232c07
GET /en_GB/sdk.js?hash=94c5b6bc1451ed1daf317dfb4c215315 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.gsicunnao.org.in
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 543d059c6832e5c21d8789f01a81e9f2
etag: "3046b84d68a873e7331272e5cc93666e"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 08 Dec 2023 23:43:41 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JxRgWMBng+Yd/6tv1tanfA==
x-fb-debug: UaD4dDJdFwBBQREBBqbuMxOZ1FRnK7gcvS/Jkc6NCSU35DPF5HJOn2Hyimsb6PmPMhdqQq5qRL6UbEhbjhhNeg==
content-length: 86989
x-fb-trip-id: 1679558926
date: Fri, 09 Dec 2022 04:29:56 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d61883097c47c0fcb4a15cafc5bdbdfc
54411aba43093cafd1cb2acea7c2b4c69184611f
0aef2b974544f530bd591dd0201909a9c2a6b3f4451c69288bafc126d9a37e2c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 04:29:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
142.250.74.106 200 OK 16 kB URL HTTP/2 fonts.googleapis.com/css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en
IP 142.250.74.106:0
Hash 2c5e576c986fa3babe2c32f4a7ca3f3c
2f9f0aaf63ec000b07fc073c26fddfb6ab4e4466
f560931ec3844307c32fb2b1503925261fc99f30ecd22d27664b104e13e5567c
GET /css?family=Google+Sans+Text:400&text=%E2%86%90%E2%86%92%E2%86%91%E2%86%93&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:29:57 GMT
date: Fri, 09 Dec 2022 04:29:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:33:56 GMT
expires: Thu, 07 Dec 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 118561
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00cf5825452b2f69b0ac859dccb64ab
60aed079c48181cf46cef4d1aaa1c316a7ef7048
3aea2aa14407b6ac9d64d0f35111fec50f51632adfc39047c15bde4afd148a78
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F111d6163-0ce5-4897-9a84-a9cefa74d2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7694
x-amzn-requestid: 0c67138c-1a6d-49ef-bd43-f9a7176679ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: c2LZjFjrIAMFUSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63925909-764272151a0a4d284c6cb1bb;Sampled=0
x-amzn-remapped-date: Thu, 08 Dec 2022 21:37:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aaEYG20Wueg557qEBq46sSUl3-_HxgZA73s-kPo3GmYgWgrGgFPl_Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:48:32 GMT
age: 24085
etag: "60aed079c48181cf46cef4d1aaa1c316a7ef7048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.25-PM.jpeg
162.144.90.192 200 OK 0 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.25-PM.jpeg
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/06/WhatsApp-Image-2022-06-14-at-4.47.25-PM.jpeg HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/et-cache/9/et-core-unified-9-16683311277909.min.css
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 12:59:40 GMT
Accept-Ranges: bytes
Content-Length: 177976
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en
IP 142.250.74.106:0
GET /css?family=Roboto:300,400,500,700|Google+Sans:400,500,700|Google+Sans+Text:400&lang=en HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Dec 2022 04:29:57 GMT
date: Fri, 09 Dec 2022 04:29:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/fonts/modules.ttf
162.144.90.192 200 OK 0 B URL HTTP/1.1 www.gsicunnao.org.in/wp-content/themes/Divi/core/admin/fonts/modules.ttf
IP 162.144.90.192:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/Divi/core/admin/fonts/modules.ttf HTTP/1.1
Host: www.gsicunnao.org.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.gsicunnao.org.in/wp-content/themes/Divi/style.css?ver=4.3.4
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 04:29:42 GMT
Server: Apache
Last-Modified: Tue, 14 Jun 2022 09:02:40 GMT
Accept-Ranges: bytes
Content-Length: 92400
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/ttf