autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
95.211.250.38301 Moved Permanently 371 B URL HTTP/1.1 autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e36a6e0cd8f88203a343658ebd67c354
e422ce8aaa66e8092e6b2d361d3c90b7f1415363
a1ec97fbcda5de6af3f6506b2cec3c128911ad5b718913c9d1c296acb5c4dc2f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 27 Sep 2022 15:42:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 371
Connection: keep-alive
Location: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
X-Powered-By: PleskLin
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 15:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: gi0XMmaFUBo7kYLD8sszxq3HPPh5JI8CSB4PYVgAwNSXdswbaxDSBA==
Age: 1647
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5601
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 15:42:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 2HMiwt59rwSKhriSRqMTY5q_KyS3Or_c1jUIpDEmNWEoyFhnJSp83Q==
age: 22724
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b9f9f1200fe94bff79169ac2de33105
bfb460792c093e2eb209935f382c758bdd67da52
b415eb9bbc889d600bbede68ca30cb906e99bff151bb5cef227a90bc41f7193a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B415EB9BBC889D600BBEDE68CA30CB906E99BFF151BB5CEF227A90BC41F7193A"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 27 Sep 2022 21:42:57 GMT
Date: Tue, 27 Sep 2022 15:42:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 15:10:46 GMT
Expires: Tue, 27 Sep 2022 16:02:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9x5Muj_j2Uvares_kG8uPEkG-NAE-dcTo4DEstSZR7ZTPATHNJhhMQ==
Age: 1931
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5670
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Last-Modified: Tue, 27 Sep 2022 14:08:28 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZHAMt8jQMAMhyKvH9Jjm2g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HpOEUxT/xX8jWbx1wiSowXkbyG4=
autko.nl/wp-content/themes/autko/img/autko-nl.svg
95.211.250.38200 OK 4.7 kB URL HTTP/2 autko.nl/wp-content/themes/autko/img/autko-nl.svg
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (1526), with CRLF line terminators
Hash 7142e623082b876c9413a340f0b4fee7
22456dbb4fdebb352b2257afd234d33b13460a2f
db8cb2e39f58d8431cbaf8025202d2757eed6dd9b26295b31769f18b88c80c63
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/img/autko-nl.svg HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/svg+xml
content-length: 4748
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-128c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autko.nl/wp-content/themes/autko/js/autko.js?ver=1.0.0
95.211.250.38200 OK 301 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/autko.js?ver=1.0.0
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with CRLF line terminators
Hash 6de476e00becd623006611bd3d5a66a1
4f28f2bf6c02b675871c48b3a1201b157587e1cd
2544358b534aeece5b14ef77554a6cd851869915fb7faf07a3d1cbd96367d43c
GET /wp-content/themes/autko/js/autko.js?ver=1.0.0 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
content-length: 301
x-accel-version: 0.01
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "2d7-5dbed082106dd-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.3.5
95.211.250.38200 OK 290 B URL HTTP/2 autko.nl/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.3.5
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (562), with no line terminators
Hash 4f07ec4566902e087924032cb4420162
19a3aa04b42de4930c4ad53647f6f4ee6b6a372f
7efaf9e12bad3196a9c4ebd44ddf9b06936da4bbf456be02f0e984aec4db2db4
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=3.3.5 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
content-length: 290
x-accel-version: 0.01
last-modified: Wed, 25 Apr 2018 13:32:58 GMT
etag: "232-56aac4f207680-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autko.nl/wp-content/themes/autko/js/skip-link-focus-fix.js?ver=20151215
95.211.250.38200 OK 472 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/skip-link-focus-fix.js?ver=20151215
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash b91407f320dfac37f38852555cba6598
8f0bcd6a15528def510f57ee29a31ffdce405450
fe3d9736e4e9189da3b68cb9c290c0bdce45d380a6a4179b53ea64202c23326c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
content-length: 472
x-accel-version: 0.01
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "370-5dbed0821167d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
142.250.74.170200 OK 68 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32073)
Hash 33411bb179575dfc40cc62c61899664f
d03c06d5893d632e1a7f826a6ffd9768ba885e11
274befc7b39609fed270e69335bc92b3d8251545594636eb408d5d93e0ae1a4f
GET /ajax/libs/jqueryui/1.12.1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 67948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 01:17:38 GMT
expires: Tue, 26 Sep 2023 01:17:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 138320
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32014)
Hash 28f3d6d8267f129fc0f17d06cf79d668
c115b6f5777693610e4badea0bb3d3093a4d8e0a
6fe4b034f874ace44678689986c0918e5100ba85ba89a59dc2ab237cc20c4214
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 12:52:11 GMT
expires: Tue, 26 Sep 2023 12:52:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 96647
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit&hl=pl
142.250.74.164200 OK 580 B URL HTTP/2 www.google.com/recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit&hl=pl
IP 142.250.74.164:0
File type ASCII text, with very long lines (919), with no line terminators
Hash acb1b11c9d46f52e0b4ed2fe6feed457
2d3616a5fe310eea22c852c2c33135f302506845
94bed1a7226a94070f3d43eab362a2975f6a2e73375361ea773d25933211a10a
GET /recaptcha/api.js?onload=renderInvisibleReCaptcha&render=explicit&hl=pl HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 27 Sep 2022 15:42:58 GMT
date: Tue, 27 Sep 2022 15:42:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 580
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
autko.nl/wp-includes/js/wp-embed.min.js?ver=4.9.21
95.211.250.38200 OK 1.1 kB URL HTTP/2 autko.nl/wp-includes/js/wp-embed.min.js?ver=4.9.21
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (1391), with no line terminators
Hash 814f4260cc1a65db5d002299e1d8746f
f0a9faf7d8dae92ebd94a82b0e8519410b66971c
e36f04864781f464b31daba6fea9850ffd8216edc7df79988bd2c7d27f3c719c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-embed.min.js?ver=4.9.21 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 01:17:36 GMT
etag: W/"632914b0-56f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
autko.nl/wp-content/themes/autko/img/ogloszenia.png
95.211.250.38200 OK 18 kB URL HTTP/2 autko.nl/wp-content/themes/autko/img/ogloszenia.png
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 3eb8ccf89305a2bd021566dd3231fc73
8f1ead3d9ee2b44ca77d6b351c2efe0cd9ba894d
9fd7dcc56c03c4ca216b5308094cd84b1e171d1a69dbef89f0d0f34581f1f18f
GET /wp-content/themes/autko/img/ogloszenia.png HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/png
content-length: 18287
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-476f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/img/zaloguj.png
95.211.250.38200 OK 18 kB URL HTTP/2 autko.nl/wp-content/themes/autko/img/zaloguj.png
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash a03ef54e60de935883c4df8d848719f8
3571b28e8d8be9b5d97a74af744dcc2382486f9d
6cfd89af9cae8816bd4280627b08727eb608885b0a410417f84400dbbcb1d49c
GET /wp-content/themes/autko/img/zaloguj.png HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/png
content-length: 18292
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-4774"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
autko.nl/wp-content/cache/autoptimize/css/autoptimize_552872c822ca13a6a5428b6f2b9344b0.css
95.211.250.38200 OK 4.9 kB URL HTTP/2 autko.nl/wp-content/cache/autoptimize/css/autoptimize_552872c822ca13a6a5428b6f2b9344b0.css
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (6798), with no line terminators
Hash e093d49bafb796a0e9096cc02334f069
74274d7dc99ed76f871a71f1ced9fa8cd47eccba
bc4aac61d3dfe636c26349bfe5fb64b1174926eb1ab5ee58a645c504b56fd1ef
GET /wp-content/cache/autoptimize/css/autoptimize_552872c822ca13a6a5428b6f2b9344b0.css HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 18:50:23 GMT
cache-control: public, immutable
etag: W/"624c8f6f-1a8e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/img/dodaj.png
95.211.250.38200 OK 18 kB URL HTTP/2 autko.nl/wp-content/themes/autko/img/dodaj.png
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fced564f30b3c95d4248ad80d48c4be
2733991c4103e837d34ab568223f545e21c6659d
5e5d43f1fa8952c63f30d448ea8d769a5bd064b5f8e0e110e0f114bc87915742
GET /wp-content/themes/autko/img/dodaj.png HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/png
content-length: 18189
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-470d"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/fb2.png
95.211.250.38200 OK 18 kB URL HTTP/2 autko.nl/wp-content/themes/autko/fb2.png
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type PNG image data, 127 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e4bb4bc9e0df84934c1974995605330
9176551d4fbeb52cc23e10015600a6676757e191
a6918729f6817ccf7ef4dba008ed3aae44e4d12815d4e8e722b18346f3742f0d
GET /wp-content/themes/autko/fb2.png HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/png
content-length: 17674
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-450a"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/catamaran/v17/o-0mIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPHjct6L1SoM-jCpoiyDPA-9a6VI.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/catamaran/v17/o-0mIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPHjct6L1SoM-jCpoiyDPA-9a6VI.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19320, version 1.0\012- data
Hash 9e1bd82127f8b401ff6f1d912e22a711
9311d1302cc7668d5884c306e43d280cabe62241
61a2e9927b82d5e0e9e8e09f09586b5dbcb8d186ea16212614071acaa925e21b
GET /s/catamaran/v17/o-0mIpQoyXQa2RxT7-5B6Ryxs2E_6n1iPHjct6L1SoM-jCpoiyDPA-9a6VI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://autko.nl
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19320
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 08:07:36 GMT
expires: Tue, 26 Sep 2023 08:07:36 GMT
cache-control: public, max-age=31536000
age: 113722
last-modified: Fri, 24 Jun 2022 18:45:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
autko.nl/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
95.211.250.38200 OK 13 kB URL HTTP/2 autko.nl/wp-includes/js/wp-emoji-release.min.js?ver=4.9.21
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with very long lines (9063)
Hash c12802e803923e6710ceae614c3c6141
e35b4c9ebefc77d68005d56efe23ad6618f0d963
a203fa6f6f6d3a6dbfac0e5686332cd4c30db5952b838c211bcd67a144ce7934
GET /wp-includes/js/wp-emoji-release.min.js?ver=4.9.21 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 01:17:36 GMT
etag: W/"632914b0-2ea7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__pl.js
142.250.74.163200 OK 160 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__pl.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (696)
Size 160 kB (159948 bytes)
Hash 61ebade4bf2fa156b730903371980e1d
eaed5d44b90dd4e297ea9849fb4f64954a77af0d
e3dfc00824cd442b1c6c1555827c90bd9c280462c5c94e7afa078e98d53c1eee
GET /recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__pl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autko.nl
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 159948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 10:56:28 GMT
expires: Mon, 25 Sep 2023 10:56:28 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
content-type: text/javascript
age: 189991
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0081ab948d00c2dd510fcc7e7deb9f94
e682da3d6e1fe30c05a133065a273593afee91d0
afa64f51d7cfec0355c233277ea4b1584dd378dbbdb8a9b60343c7bd3bdc2f10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:59 GMT
Last-Modified: Tue, 27 Sep 2022 14:30:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pl_PL/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/pl_PL/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 2bf385fdcf6a7538a4f3b2a4be76def0
9d268d3048c123799dcb3e582c16e8cfa745f22d
c69b9dff567603722d8e1fea7474db0c3779137dd256811e528ac2468952eb80
GET /pl_PL/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f25ec3e8b37dd3adf5d7e6756aca2ce7
etag: "f3c7424775451f2bcc7c752ec9311b9a"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 27 Sep 2022 15:52:50 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: K/OF/c9qdTik87Kkvnbe8A==
x-fb-debug: 6hnskvvlHxibvmAZnVuAyJCwvf2Cqq7td7qMgnkare3BJnBD62gKAzeodJvyBPZNsC5Z8rzj7in8Pz695hSiqw==
priority: u=3,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 15:42:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/favicon.ico
95.211.250.38200 OK 370 kB URL HTTP/2 autko.nl/wp-content/themes/autko/favicon.ico
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type MS Windows icon resource - 6 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 370 kB (370070 bytes)
Hash 23eda113bbc3e451060a7753245a0f13
d6c8f152e00f9167e97af5a9b477e0d625d2297a
1749e09dd366e291cf65712ab3397ce9b9d19d35375014be57aa233acbebc8b6
GET /wp-content/themes/autko/favicon.ico HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:59 GMT
content-type: image/vnd.microsoft.icon
content-length: 370070
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: "624c94b5-5a596"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0081ab948d00c2dd510fcc7e7deb9f94
e682da3d6e1fe30c05a133065a273593afee91d0
afa64f51d7cfec0355c233277ea4b1584dd378dbbdb8a9b60343c7bd3bdc2f10
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4369
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:42:59 GMT
Last-Modified: Tue, 27 Sep 2022 14:30:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/pl_PL/sdk.js?hash=e4e031ed45583c5113d92c02a3fe403d
157.240.200.14200 OK 89 kB URL HTTP/2 connect.facebook.net/pl_PL/sdk.js?hash=e4e031ed45583c5113d92c02a3fe403d
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash bd66d9ef2077bd7932d9c60570f69176
2a2584211313d52b16e1b3124ac2af08bd808c4d
37568a94531ee98a26d770ae68471694e94fb0fb91b1acb68cd04bc69bc7f806
GET /pl_PL/sdk.js?hash=e4e031ed45583c5113d92c02a3fe403d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://autko.nl
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 7906f13bacb56d4672099b60ae472b2e
etag: "c8b79380f7c6ff18f3bc4fa8ead9a2c5"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 27 Sep 2023 12:12:17 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: vWbZ7yB3vXky2cYFcPaRdg==
x-fb-debug: cdAH0LzjAGa1bTkM+fQQzw5AR9Dzs1wiCxWeh05wKHgct59i5EAkZiIgxNSSQNDzbi3stWKKEn9LNPtJRmp70w==
content-length: 88971
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 15:42:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:42:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11927
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:42:59 GMT
Connection: keep-alive
autko.nl/wp-admin/admin-ajax.php
95.211.250.38200 OK 7.5 kB URL HTTP/2 autko.nl/wp-admin/admin-ajax.php
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text
Hash 7e90dc3f7572c201983cbd69bde8d13e
335db050666e2c41fd9643d4136189f93ec1552b
60470cddc87bc7e3902e5cee9fdb0959827bb1849ec112017b385269f004aeff
Analyzer Verdict Alert fortinet Phishing
POST /wp-admin/admin-ajax.php HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 33
Origin: https://autko.nl
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:59 GMT
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://autko.nl
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:37:50 GMT
age: 50709
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=1807850412768269&ev=fb_page_view&dl=https%3A%2F%2Fautko.nl%2Fwp-content%2Fuploads%2F2022%2F07%2Flost_lands_the_four_horsemen_activation_code_full_version.pdf&rl=&if=false&ts=1664293377264&sw=1280&sh=1024&at=
157.240.200.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=1807850412768269&ev=fb_page_view&dl=https%3A%2F%2Fautko.nl%2Fwp-content%2Fuploads%2F2022%2F07%2Flost_lands_the_four_horsemen_activation_code_full_version.pdf&rl=&if=false&ts=1664293377264&sw=1280&sh=1024&at=
IP 157.240.200.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=1807850412768269&ev=fb_page_view&dl=https%3A%2F%2Fautko.nl%2Fwp-content%2Fuploads%2F2022%2F07%2Flost_lands_the_four_horsemen_activation_code_full_version.pdf&rl=&if=false&ts=1664293377264&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Tue, 27 Sep 2022 15:42:59 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bs6HOUmHOoYKDuzBoVHhcr8d4HP4bBmwUF3EtOmwKXo7ozhfaIYEvw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:39:07 GMT
age: 65032
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91d97447a6a35813e57d942f685544c4
3b660de9902fbfcf2efb477f40480b08545ebc5f
08c1ea19c4918273da12c9a2e962edf4463c486a30f60c8a279a45e5edcf972a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff092f2d0-abd6-40d2-ad33-9fb0ded1ec0a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11881
x-amzn-requestid: 584a2270-56ef-4f46-8ab2-dc0e519b5f45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YshLfEfoIAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328157c-12f8e8e31318d2da70796520;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:08:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: bDpP2pZgrMz5bH_vy76SvyPojDGhPIHfOtv2i4dfHCs1GUuSZVC87w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:33:24 GMT
age: 61775
etag: "3b660de9902fbfcf2efb477f40480b08545ebc5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kRSg9NTTAgeAJgIZ_C9_rRodCX4bzGduJEvNPNHUya0Moa2vsmWSoQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:38:57 GMT
age: 65042
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p1vYTqYjOmYHjVmJ8f6qyT_nLIsyXsr7ZI-DI7JBF9RJa0ZJNPiluA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:56:23 GMT
age: 63996
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
95.211.250.38404 Not Found 0 B URL HTTP/2 autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
pragma: no-cache
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://autko.nl/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n; path=/
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/js/hammer.min.js
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/hammer.min.js
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/hammer.min.js HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: W/"624c94b5-511d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/?wc-ajax=get_refreshed_fragments
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/?wc-ajax=get_refreshed_fragments
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://autko.nl
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:59 GMT
content-type: application/json; charset=UTF-8
pragma: no-cache
access-control-allow-origin: https://autko.nl
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-powered-by: PHP/7.1.33, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/facetwp-conditional-logic/assets/js/front.js?ver=1.1
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/facetwp-conditional-logic/assets/js/front.js?ver=1.1
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/facetwp-conditional-logic/assets/js/front.js?ver=1.1 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Wed, 17 Aug 2016 15:47:27 GMT
etag: W/"57b4870f-1162"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Catamaran:300,500&subset=latin,latin-ext
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Catamaran:300,500&subset=latin,latin-ext
IP 142.250.74.10:0
GET /css?family=Catamaran:300,500&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:42:58 GMT
date: Tue, 27 Sep 2022 15:42:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.3.5
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.3.5
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=3.3.5 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 13:32:58 GMT
etag: W/"5ae0838a-a08"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/11/svg/1f642.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/11/svg/1f642.svg
IP 192.0.77.48:0
GET /images/core/emoji/11/svg/1f642.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 08 Jun 2018 13:09:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/js/jquery.ui.touch-punch.min.js
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/jquery.ui.touch-punch.min.js
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/jquery.ui.touch-punch.min.js HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: W/"624c94b5-13d2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/js/dropzone.js
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/dropzone.js
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/dropzone.js HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: W/"624c94b5-1d9d6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woocommerce-jetpack/includes/js/wcj-eu-vat-number.js?ver=5.3.9
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/woocommerce-jetpack/includes/js/wcj-eu-vat-number.js?ver=5.3.9
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/woocommerce-jetpack/includes/js/wcj-eu-vat-number.js?ver=5.3.9 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Fri, 23 Apr 2021 00:25:53 GMT
etag: W/"60821411-11c2"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.70 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 13:32:58 GMT
etag: W/"5ae0838a-255e"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.0.1 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 13:20:57 GMT
etag: W/"5ae080b9-38d7"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Wed, 25 Apr 2018 13:32:58 GMT
etag: W/"5ae0838a-736"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/js/jquery.dragsort-0.5.2.js
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/jquery.dragsort-0.5.2.js
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/jquery.dragsort-0.5.2.js HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: W/"624c94b5-4020"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Fri, 20 May 2016 04:11:28 GMT
etag: W/"573e8e70-2748"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-includes/css/dashicons.min.css?ver=4.9.21
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-includes/css/dashicons.min.css?ver=4.9.21
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dashicons.min.css?ver=4.9.21 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: text/css
last-modified: Sat, 19 Aug 2017 18:10:48 GMT
etag: W/"59987f28-b518"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/facetwp/includes/integrations/woocommerce/woocommerce.js?ver=2.4.5
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/facetwp/includes/integrations/woocommerce/woocommerce.js?ver=2.4.5
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/facetwp/includes/integrations/woocommerce/woocommerce.js?ver=2.4.5 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2016 23:19:01 GMT
etag: W/"577aeee5-46c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/themes/autko/js/navigation.js?ver=20151215
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/themes/autko/js/navigation.js?ver=20151215
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/autko/js/navigation.js?ver=20151215 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 05 Apr 2022 19:12:53 GMT
etag: W/"624c94b5-c86"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/woo-confirmation-email/assets/js/woo-confirmation-email-admin.js?ver=3.5.0
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/woo-confirmation-email/assets/js/woo-confirmation-email-admin.js?ver=3.5.0
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/woo-confirmation-email/assets/js/woo-confirmation-email-admin.js?ver=3.5.0 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Fri, 23 Apr 2021 00:32:47 GMT
etag: W/"608215af-95f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/cache/autoptimize/css/autoptimize_7955fef4e61bbfa4da42301515d8aff9.css HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: text/css
last-modified: Tue, 05 Apr 2022 18:50:23 GMT
cache-control: public, immutable
etag: W/"624c8f6f-3604d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-includes/js/jquery/jquery.js?ver=1.12.4
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.js?ver=1.12.4 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 01:17:36 GMT
etag: W/"632914b0-17a6a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
autko.nl/wp-content/plugins/facetwp/assets/js/src/query-string.js?ver=2.4.5
95.211.250.38200 OK 0 B URL HTTP/2 autko.nl/wp-content/plugins/facetwp/assets/js/src/query-string.js?ver=2.4.5
IP 95.211.250.38:0
ASN #60781 LeaseWeb Netherlands B.V.
GET /wp-content/plugins/facetwp/assets/js/src/query-string.js?ver=2.4.5 HTTP/1.1
Host: autko.nl
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://autko.nl/wp-content/uploads/2022/07/lost_lands_the_four_horsemen_activation_code_full_version.pdf
Cookie: PHPSESSID=6qe3b5i48i8h1saa4mb5thi20n
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:42:58 GMT
content-type: application/javascript
last-modified: Mon, 04 Jul 2016 23:18:56 GMT
etag: W/"577aeee0-72b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2