pwxoe.bilsteringdate.com/?utm_source=1487682cbbf8560d&s1=2007&s2=167920&s3=&s5=&click_id=fjhzc6471fb9c0000286c
63.32.216.166302 Found 48 B URL User Request GET HTTP/2 pwxoe.bilsteringdate.com/?utm_source=1487682cbbf8560d&s1=2007&s2=167920&s3=&s5=&click_id=fjhzc6471fb9c0000286c
IP 63.32.216.166:443
Certificate IssuerLet's Encrypt
Subject*.bilsteringdate.com
Fingerprint52:FA:7F:86:D8:66:69:35:38:31:0B:07:B0:49:42:2C:4A:C7:A4:AA
ValiditySat, 08 Apr 2023 01:19:26 GMT - Fri, 07 Jul 2023 01:19:25 GMT
File type HTML document, ASCII text
Hash b6a6951bf78dc4e14b930cc1e41b105a
f23fd59ba487036589859d18cc7bdab857aa6b93
09995daebf04d193ae9f6819f7117e53c0b2f924d028db69d39d3f25f7c15716
GET /?utm_source=1487682cbbf8560d&s1=2007&s2=167920&s3=&s5=&click_id=fjhzc6471fb9c0000286c HTTP/1.1
Host: pwxoe.bilsteringdate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx
date: Sat, 27 May 2023 12:46:34 GMT
content-type: text/html; charset=utf-8
content-length: 48
location: https://www.imitrk13.com/
set-cookie: unique_id=6471fbaa000c768b; Path=/; Expires=Wed, 26 Jul 2023 12:46:34 GMT; Secure; SameSite=None
unique_id2=6471fbaa000c8304; Path=/; Expires=Fri, 25 Aug 2023 12:46:34 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sat, 27 May 2023 12:46:34 GMT; Secure; SameSite=None
tid=cxfpo6471fbaa00051cc7; Path=/; Expires=Sun, 30 Apr 2028 12:46:34 GMT; Secure; SameSite=None
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/landings/278175/1684764162/css/reset.css?1684764162
95.101.11.40200 OK 750 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/css/reset.css?1684764162
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 320ef06347c0c7030fff1680c0a75136
8d72c3fc5397ffe42f736e784b2256442ba07248
0f66cffe9b71dfd75001b302e0ac2f6ce93e0303dfb1f4e141815688e3487e38
GET /landings/278175/1684764162/css/reset.css?1684764162 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: mT17/WuHgYKrBQmQngXraNquK/sJaw/7to6kcDvce9rlfmk8hpEiqpWi2GPDAlVjj4vnR0dT/Ew=
x-amz-request-id: 84CS120G8R348ZJH
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "320ef06347c0c7030fff1680c0a75136"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 27 May 2023 12:46:34 GMT
Content-Length: 750
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
95.101.11.40200 OK 776 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash b5efaf64069e355d05b90b46d7ed7700
d08fd2ff27180e7110f2bc839ea13a284d9112ce
440302c9cef9fc201f2342e7d711c90e4bf60339d026c243a713a87f2589df88
GET /landings/278175/1684764162/css/style.css?1684764162 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: l33e7EBoJuzD5pFabEtyFVy9mu613YzTZe20PPzhFYD6b96Z7yRbvvOt+1wRVfi8cr5Z1Zj7hC4=
x-amz-request-id: 84CMV4VVKD6ARCED
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "b5efaf64069e355d05b90b46d7ed7700"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 27 May 2023 12:46:34 GMT
Content-Length: 776
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 8fdba15b1e036bbb416fbd6c272e5543
20193b9d3ced059164358e60bad68a0ea1bc87b9
1d3d0b81779aae77441b81abe782f4a37a1b88fd2863360de0865784279a7438
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 12:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.imitrk13.com/js/pushjs/1.0.0/utils.js
18.200.4.16200 OK 4.5 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/utils.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type gzip compressed data, from Unix\012- data
Hash 74960a38f1c1263a65c53f2775a95c67
a4abc6310ad0f565bf088295e5e03d5f155df8e5
aa9d12280ec11084038ac51a4fab4e3e82d51127b4076d8fc40982162253baf5
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=6471fbaa00024548; unique_id2=6471fbaa00024e12
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:46:35 GMT
content-type: application/javascript
expires: Sat, 03 Jun 2023 12:46:35 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/assets/css/reset.css
95.101.11.40302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/reset.css
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/reset.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
95.101.11.40404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/assets/css/style.css
95.101.11.40302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/style.css
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/style.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
95.101.11.40404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278175/1684764162/images/pic-man_d.png
95.101.11.40200 OK 37 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/pic-man_d.png
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 814 x 896, 8-bit colormap, non-interlaced\012- data
Hash a2e6765efc94ba8cf4bd936126576d3f
426685660df181223b3576e2cb317c4504027526
f134ab86c5a305d0a04300128322588f171b21a531cf82aa1c5ad75f58820543
GET /landings/278175/1684764162/images/pic-man_d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Xokdo/XkLAa7JgdpfP0fVMWhe53oaX1EreTb7RvOItF4WtDKnO4eGZ9qRxkNxsaRMrPe8sUDvHg=
x-amz-request-id: 84CPT7BJY3SQ62T0
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "a2e6765efc94ba8cf4bd936126576d3f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 37157
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278175/1684764162/images/arrow.svg
95.101.11.40200 OK 5.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/arrow.svg
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (854)
Hash 349f207f561b8a5aaa030f17f7faa9d8
488f571a76a5ecff5a3f9ed85940feb0b29637a8
cbc3d1acb359e7a987ef29a89f62ee132f49318a3a328dfbd119a493fee8f167
GET /landings/278175/1684764162/images/arrow.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 6YNB8TKQxLrP44DKlLykFG3W53rnI18qr+oQjOPU2w6n92KSaRHwCKr5bkSUKJyUb9ftjfGVZ84=
x-amz-request-id: Y6B1BF491T249ZKA
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "349f207f561b8a5aaa030f17f7faa9d8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5162
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 12:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
216.58.207.227200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 216.58.207.227:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imitrk13.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 27 May 2023 03:18:14 GMT
expires: Sun, 26 May 2024 03:18:14 GMT
cache-control: public, max-age=31536000
age: 34101
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash d4e2d954927aa1532ece1f3aad871a48
64080e5552252600638702178c90cd946984d117
7dc0934c025e5057e7011bc9b1d43c7dad69fd03c2398f15baab0385a96b230d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 27 May 2023 12:46:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/landings/278175/1684764162/images/favicon.ico?t=20230527124634
95.101.11.40200 OK 1.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/favicon.ico?t=20230527124634
IP 95.101.11.40:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3c292280ee9b4d7a15bf7b3a6673acf7
72fae9ef1e5a2c730fbcf586cb84b6ebecae6189
658e1996ba0e0e34a6e650d1d4b7463ca1e0793e9b7ccb3f424a0ccd4625c17b
GET /landings/278175/1684764162/images/favicon.ico?t=20230527124634 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: BvuPbJxiszgHjF7o0FQQa3oCeckpXxxeaHxWjuBV/nfrENkdJprA4cNjQ43R7j0j5ReHdRdFKpw=
x-amz-request-id: DKBYQ495N3PWP967
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "3c292280ee9b4d7a15bf7b3a6673acf7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 1150
Date: Sat, 27 May 2023 12:46:35 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.67200 OK 8.6 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.67:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (25088)
Hash 9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:35 GMT
expires: Wed, 22 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 328500
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.67200 OK 10 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.67:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintA3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
ValidityMon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type ASCII text, with very long lines (35547)
Hash 0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:27 GMT
expires: Wed, 22 May 2024 21:40:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 313568
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
18.200.4.16200 OK 9.4 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Hash 84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=6471fbaa00024548; unique_id2=6471fbaa00024e12
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:46:34 GMT
content-type: application/javascript
expires: Sat, 03 Jun 2023 12:46:34 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@600;700&display=swap
142.250.74.74200 OK 4.7 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@600;700&display=swap
IP 142.250.74.74:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
ValidityMon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type ASCII text, with very long lines (4834), with no line terminators
Hash 9e8560d8a830704fd9671da593514fbb
d688cb8c65466ade1cb43eba030bef0d7f5e799e
0d3cb2c3d4400b4a4ffd3a5fe557519d075855536b314caa23b32bf767a2d0b6
GET /css2?family=Inter:wght@600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 27 May 2023 12:46:35 GMT
date: Sat, 27 May 2023 12:46:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
18.200.4.16200 OK 16 kB URL User Request GET HTTP/2 IP 18.200.4.16:443
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054)
Hash e4cf191840c3153e2a80944dd2f1ba4b
d6fb8ed32978e26f3a3d4479b291157ec819b628
5eb94d1919695472cb89826c5c8a0d85afec3c13bfb08a28f4e569cab45c6aae
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 27 May 2023 12:46:34 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=6471fbaa00024548; Path=/; Expires=Wed, 26 Jul 2023 12:46:34 GMT; Secure; SameSite=None
unique_id2=6471fbaa00024e12; Path=/; Expires=Fri, 25 Aug 2023 12:46:34 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Sat, 27 May 2023 12:46:34 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2