grbdxd.imitrkn.net/?utm_source=8c6b6393174e3966&s1=193364&s2=171487&click_id=20230525215053x52668&click_id2=
63.32.216.166302 Found 47 B URL User Request GET HTTP/1.1 grbdxd.imitrkn.net/?utm_source=8c6b6393174e3966&s1=193364&s2=171487&click_id=20230525215053x52668&click_id2=
IP 63.32.216.166:80
File type HTML document, ASCII text
Hash 70ce351b4e0fb3179c66d3c13286792d
521d3842914d13d0b9b96560de13ab793d7ae844
deb17edf2b88c355f649cd49ad76a08fbd4985c16f908baa392d62035417a82b
GET /?utm_source=8c6b6393174e3966&s1=193364&s2=171487&click_id=20230525215053x52668&click_id2= HTTP/1.1
Host: grbdxd.imitrkn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 25 May 2023 21:50:53 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 47
Connection: keep-alive
Location: https://www.imitrk13.com
Set-Cookie: unique_id=646fd83d000fc88a; Path=/; Expires=Mon, 24 Jul 2023 21:50:53 GMT
unique_id2=646fd83d000fd04c; Path=/; Expires=Wed, 23 Aug 2023 21:50:53 GMT
impression=; Path=/; Expires=Thu, 25 May 2023 21:50:53 GMT
tid=kigml646fd83d000c1cf6; Path=/; Expires=Fri, 28 Apr 2028 21:50:53 GMT
cdn-dimi.akamaized.net/landings/278175/1684764162/css/reset.css?1684764162
23.36.76.177200 OK 750 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/css/reset.css?1684764162
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 320ef06347c0c7030fff1680c0a75136
8d72c3fc5397ffe42f736e784b2256442ba07248
0f66cffe9b71dfd75001b302e0ac2f6ce93e0303dfb1f4e141815688e3487e38
GET /landings/278175/1684764162/css/reset.css?1684764162 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: 30gKXMwF1ps168O470gX3uBkRUn78myBmyn714v+zQWP/RIzf5sdzG2aez8cyu4tGVuuMp9a5E8=
x-amz-request-id: ZC2JNNT6Q2VPAPG1
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "320ef06347c0c7030fff1680c0a75136"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 25 May 2023 21:50:54 GMT
Content-Length: 750
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
23.36.76.177200 OK 776 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash b5efaf64069e355d05b90b46d7ed7700
d08fd2ff27180e7110f2bc839ea13a284d9112ce
440302c9cef9fc201f2342e7d711c90e4bf60339d026c243a713a87f2589df88
GET /landings/278175/1684764162/css/style.css?1684764162 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: r5+SOnZQUb0QuY+U05Cwv1QGACW/1vkFF2J9Dj15ejhIqoL6j+GIqwcniadgjg8RQTRI7NiPHSc=
x-amz-request-id: ZC2T7FJ35RN05XB5
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "b5efaf64069e355d05b90b46d7ed7700"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: text/css
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Thu, 25 May 2023 21:50:54 GMT
Content-Length: 776
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
www.imitrk13.com/js/pushjs/1.0.0/utils.js
18.200.4.16200 OK 3.9 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/utils.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type gzip compressed data, from Unix\012- data
Hash 506ca895ecfd685165912d06ce35028d
ac05d8086de0eb1137d23c42cacdd5a3d56c42a1
1a2624489cd4687d07b7465ae3236e6cbf2129c59756f19b10f47e978c269066
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/utils.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646fd83e00010c51; unique_id2=646fd83e000112c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 25 May 2023 21:50:54 GMT
content-type: application/javascript
expires: Thu, 01 Jun 2023 21:50:54 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Inter:wght@600;700&display=swap
142.250.74.106200 OK 1.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Inter:wght@600;700&display=swap
IP 142.250.74.106:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Hash 3d49b14f14e49be56dda9c28b7453e26
ba1d75946b089d1c8a5b61698fc403f4b56c39b4
9cd96b37f7f5a596816afd15a1d8fcd36114595cef00c23b33cba96109e389d0
GET /css2?family=Inter:wght@600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 May 2023 21:50:54 GMT
date: Thu, 25 May 2023 21:50:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn-dimi.akamaized.net/assets/css/reset.css
23.36.76.177302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/reset.css
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/reset.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/assets/css/style.css
23.36.76.177302 Moved Temporarily 0 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/assets/css/style.css
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /assets/css/style.css HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: AkamaiGHost
Content-Length: 0
Location: https://cdn-dimi.akamaized.net/404
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
23.36.76.177404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/404
23.36.76.177404 Not Found 134 B URL GET HTTP/1.1 cdn-dimi.akamaized.net/404
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9c7c01b7650d428a3540bd1d22390a2f
1de74307526c98f84fe5ef2f7dce7ae7c1f77dd0
08c97b6bb3dda74ce86e43cfe75fe216618aa8d1f1e04fa9fc5ef57d3b1a69e1
GET /404 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.imitrk13.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Content-Type: text/html
Content-Length: 134
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
cdn-dimi.akamaized.net/landings/278175/1684764162/images/pic-man_d.png
23.36.76.177200 OK 37 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/pic-man_d.png
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type PNG image data, 814 x 896, 8-bit colormap, non-interlaced\012- data
Hash a2e6765efc94ba8cf4bd936126576d3f
426685660df181223b3576e2cb317c4504027526
f134ab86c5a305d0a04300128322588f171b21a531cf82aa1c5ad75f58820543
GET /landings/278175/1684764162/images/pic-man_d.png HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: Xokdo/XkLAa7JgdpfP0fVMWhe53oaX1EreTb7RvOItF4WtDKnO4eGZ9qRxkNxsaRMrPe8sUDvHg=
x-amz-request-id: 84CPT7BJY3SQ62T0
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "a2e6765efc94ba8cf4bd936126576d3f"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 37157
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 21:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/firebasejs/5.0.2/firebase-app.js
142.250.74.35200 OK 8.6 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-app.js
IP 142.250.74.35:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (25088)
Hash 9164d0e8a317eceb870cca88c9683127
4617c910005f7100b4ff26a458a8b4463e33cdc6
15c9bd66992ef54979c981763cae280f28b6845520020ed38b5ab5f3f70f7931
GET /firebasejs/5.0.2/firebase-app.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 8604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 17:31:35 GMT
expires: Wed, 22 May 2024 17:31:35 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:51 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 188360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 21:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 21:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/landings/278175/1684764162/images/arrow.svg
23.36.76.177200 OK 5.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/arrow.svg
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (854)
Hash 349f207f561b8a5aaa030f17f7faa9d8
488f571a76a5ecff5a3f9ed85940feb0b29637a8
cbc3d1acb359e7a987ef29a89f62ee132f49318a3a328dfbd119a493fee8f167
GET /landings/278175/1684764162/images/arrow.svg HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn-dimi.akamaized.net/landings/278175/1684764162/css/style.css?1684764162
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: v2ZGlv4OKdKiOLeBWs0QDAOmOgpTJS4HF/uo7BuGyizwbz/DoiKSvo9ZcXYkcY3ahYcClUGohjs=
x-amz-request-id: Q9X9TQQQ3XKN63SH
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "349f207f561b8a5aaa030f17f7faa9d8"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/svg+xml
Server: AmazonS3
Content-Length: 5162
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
142.250.74.35200 OK 10 kB URL GET HTTP/2 www.gstatic.com/firebasejs/5.0.2/firebase-messaging.js
IP 142.250.74.35:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (35547)
Hash 0cb7a0eb328ea70ab360f861314c8820
e3e20eb50dae36f4cbcef1890b1cc7878acb537a
4569845f7c550a55311814032e88541bd3b4a055ec3894e9cf58c4fff1be91d9
GET /firebasejs/5.0.2/firebase-messaging.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-length: 10017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 May 2023 21:40:27 GMT
expires: Wed, 22 May 2024 21:40:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 10 May 2018 20:35:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 173428
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
142.250.74.3200 OK 38 kB URL GET HTTP/2 fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP 142.250.74.3:443
Requested by https://www.imitrk13.com/
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 37924, version 1.0\012- data
Hash e08be6d5d433944f7ad52902e4d24db5
e2600c1d60d12d397b3ee44411a021231d71e974
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
GET /s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.imitrk13.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 37924
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 03:18:11 GMT
expires: Sun, 19 May 2024 03:18:11 GMT
cache-control: public, max-age=31536000
age: 498764
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash abec0b27117032d4b87c029a25e2ce98
4c80c24717da4be72fd100343c5e92c1724ccd74
bc6bffd934c5172ab19ec9a41808b5543016f109670947e16c7ba285a295f606
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 25 May 2023 21:50:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn-dimi.akamaized.net/landings/278175/1684764162/images/favicon.ico?t=20230525215054
23.36.76.177200 OK 1.2 kB URL GET HTTP/1.1 cdn-dimi.akamaized.net/landings/278175/1684764162/images/favicon.ico?t=20230525215054
IP 23.36.76.177:443
ASN #20940 Akamai International B.V.
Requested by https://www.imitrk13.com/
Certificate IssuerDigiCert Inc
Subjecta248.e.akamai.net
Fingerprint7B:62:AB:D4:32:FB:D8:97:04:07:9A:AB:8E:BE:E6:48:AE:5C:8D:37
ValidityTue, 28 Jun 2022 00:00:00 GMT - Fri, 30 Jun 2023 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3c292280ee9b4d7a15bf7b3a6673acf7
72fae9ef1e5a2c730fbcf586cb84b6ebecae6189
658e1996ba0e0e34a6e650d1d4b7463ca1e0793e9b7ccb3f424a0ccd4625c17b
GET /landings/278175/1684764162/images/favicon.ico?t=20230525215054 HTTP/1.1
Host: cdn-dimi.akamaized.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
x-amz-id-2: whbplI88ZLPI1JfIonDRviik1OmtfxFdSQ6xcYAt49Yv+YxE969mc3Ie3YxMTMjgzBbuOUJDxVA=
x-amz-request-id: 6TM5ZSK9SXQ464CP
Last-Modified: Mon, 22 May 2023 14:02:44 GMT
ETag: "3c292280ee9b4d7a15bf7b3a6673acf7"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: image/x-icon
Server: AmazonS3
Content-Length: 1150
Date: Thu, 25 May 2023 21:50:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
18.200.4.16200 OK 9.4 kB URL GET HTTP/2 www.imitrk13.com/js/pushjs/1.0.0/subscriber.js
IP 18.200.4.16:443
Requested by https://www.imitrk13.com/
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type C source text\012- troff or preprocessor input, ASCII text, with very long lines (9653), with no line terminators
Hash 84b622eb79d84a20b4fb5d3e2e122e2a
73eb77325e2b070e36f393eb4db66fa5af549ac6
514e603036c84a1e1afbc3b0eb748362dbd294f6af16bf88637d7b27f7a224dc
Analyzer Verdict Alert fortinet Phishing
GET /js/pushjs/1.0.0/subscriber.js HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.imitrk13.com/
Cookie: unique_id=646fd83e00010c51; unique_id2=646fd83e000112c9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 May 2023 21:50:54 GMT
content-type: application/javascript
expires: Thu, 01 Jun 2023 21:50:54 GMT
cache-control: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2
best-girls-for-you.store/Dating_US/propellerads/AU_Dating_Push_IP_CPA_NewB_NoAudience_AllOS_HomeNet_GetFlirty-ads/
109.107.35.198302 Found 16 kB URL User Request GET HTTP/2 best-girls-for-you.store/Dating_US/propellerads/AU_Dating_Push_IP_CPA_NewB_NoAudience_AllOS_HomeNet_GetFlirty-ads/
IP 109.107.35.198:443
ASN #51059 Brightbox Systems Ltd
Certificate IssuerLet's Encrypt
Subjectcallpunch.ru
Fingerprint32:8F:DB:79:93:76:DC:8E:22:A5:4B:FC:8D:CE:D6:A4:09:E5:E5:20
ValidityTue, 25 Apr 2023 09:50:45 GMT - Mon, 24 Jul 2023 09:50:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /Dating_US/propellerads/AU_Dating_Push_IP_CPA_NewB_NoAudience_AllOS_HomeNet_GetFlirty-ads/ HTTP/1.1
Host: best-girls-for-you.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.10.3
date: Thu, 25 May 2023 21:50:53 GMT
content-type: text/html; charset=UTF-8
set-cookie: cpa_was_here_grbdxd_imitrkn_net=1; expires=Sun, 25-Jun-2023 21:50:53 GMT; Max-Age=2678400; path=/; domain=best-girls-for-you.store
cpa_parents=%7B%22grbdxd.imitrkn.net%22%3A%2220230525215053x52668%22%7D; expires=Sun, 25-Jun-2023 21:50:53 GMT; Max-Age=2678400; path=/; domain=best-girls-for-you.store
location: http://grbdxd.imitrkn.net?utm_source=8c6b6393174e3966&s1=193364&s2=171487&click_id=20230525215053x52668&click_id2=
X-Firefox-Spdy: h2
18.200.4.16200 OK 16 kB URL User Request GET HTTP/2 IP 18.200.4.16:443
Certificate IssuerLet's Encrypt
Subject*.imitrk13.com
Fingerprint7E:1C:DB:57:99:53:91:58:73:5D:E4:8E:65:15:99:F0:66:E5:29:2A
ValiditySat, 15 Apr 2023 23:50:27 GMT - Fri, 14 Jul 2023 23:50:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1054)
Hash 4012d151e347c869137e063a3fbd6ff0
69aed7bca8439ad77fe19fc009ed2ecfc0934912
620944b4cee133c10888e4c20593d0aeffdb32a149379020b158e66880f05eb6
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.imitrk13.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 May 2023 21:50:54 GMT
content-type: text/html; charset=utf-8
set-cookie: unique_id=646fd83e00010c51; Path=/; Expires=Mon, 24 Jul 2023 21:50:54 GMT; Secure; SameSite=None
unique_id2=646fd83e000112c9; Path=/; Expires=Wed, 23 Aug 2023 21:50:54 GMT; Secure; SameSite=None
impression=; Path=/; Expires=Thu, 25 May 2023 21:50:54 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2