Report - empoweracademy.samskappalcollege.online/raarw/auth/login.php?cmd=3Dl=

Report Overview

Submitted URL
empoweracademy.samskappalcollege.online/raarw/auth/login.php?cmd=3Dl=
IP
108.167.146.96
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-02-03 14:09:09
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
1
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	906 B	56 kB	142.250.74.164
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	67 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.9 kB	34.160.144.191
empoweracademy.samskappalcollege.online	unknown	2019-11-23T20:10:52Z	2023-03-06T20:14:58Z	1.1 kB	1.3 kB	108.167.146.96
cdn.jsinit.directfwd.com	324853	2021-05-08T13:46:40Z	2023-02-14T20:12:55Z	320 B	805 B	23.36.76.163
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
sedoparking.com	50712	2012-06-01T05:52:33Z	2019-03-28T06:46:41Z	1.7 kB	8.6 kB	64.190.63.136
pagead2.googlesyndication.com	101	2021-02-20T16:52:05Z	2023-03-13T08:39:15Z	338 B	3.9 kB	172.217.21.162
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	142.250.74.131
afs.googleusercontent.com	12123	2013-05-06T21:11:00Z	2023-03-13T05:21:41Z	885 B	56 kB	142.250.74.97
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.160.15.145
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
scoutnewresults.com	unknown	2022-11-01T16:14:32Z	2023-02-14T18:54:41Z	444 B	2.9 kB	208.91.196.46
img.sedoparking.com	54200	2013-04-23T00:23:29Z	2023-03-13T05:39:39Z	329 B	83 kB	205.234.175.175
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-03 14:09:31	medium	108.167.146.96	Client IP	ET INFO 404 Response with Javascript Variable in Page

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	empoweracademy.samskappalcollege.online/raarw/auth/login.php?cmd=3Dl=	Malware
2023-02-03	medium	empoweracademy.samskappalcollege.online/404.html	Malware
2023-02-03	medium	cdn.jsinit.directfwd.com/sk-jspark_init.php	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	empoweracademy.samskappalcollege.online/404.html	27 B	2023-03-07	2024-04-16
Pretty URL empoweracademy.samskappalcollege.online/404.html IP 108.167.146.96 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:16 Last Seen2024-04-16 05:41:45 Times Seen275 Hash 44c61c734dd997db1c65bb5998f06c34 8e71892b58f13f349c8a1501c726796ca0a2570b d615299db4fa19aa6e6edde96d0d6e1bbe34ce5e3719fd5a375c96ed288dd20a Loading...

	cdn.jsinit.directfwd.com/sk-jspark_init.php	1.8 kB	2023-03-08	2023-03-13
Pretty URL cdn.jsinit.directfwd.com/sk-jspark_init.php IP 23.36.76.163 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:53:55 Last Seen2023-03-13 21:07:31 Times Seen1 Hash 2387df201c4f6e98eeaaae5288e4d815 cca797c28bfc389bf106535fb73364b8f918e86f c8fc3a75859d9840feee425fb7dcd4ac3f8da82748bd1cd7bb7314877fce1245 Loading...

	scoutnewresults.com/sk-jspark.php?dn=empoweracademy.samskappalcollege.online&pid=9POBEX80W&kwrf=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F404.html&reqref=	2.2 kB	2023-03-07	2023-03-13
Pretty URL scoutnewresults.com/sk-jspark.php?dn=empoweracademy.samskappalcollege.online&pid=9POBEX80W&kwrf=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F404.html&reqref= IP 208.91.196.46 ASN #40034 CONFLUENCE-NETWORK-INC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:26 Last Seen2023-03-13 15:52:17 Times Seen1 Hash b7743e3f5abde25404df16a47eb90dad 5006bf408139ca421a98d34fc7b8b9dcd3b25338 6eb606797d4960f3a23c2ecbae4e25c5585e6cc3a7860572cf78c778dfa7c8dc Loading...

	empoweracademy.samskappalcollege.online/404.html	231 B	2023-03-07	2023-03-13
Pretty URL empoweracademy.samskappalcollege.online/404.html IP 108.167.146.96 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35:38 Last Seen2023-03-13 21:43:55 Times Seen1 Hash f807ed9615a1d09b14929e40a2bcc910 e7aba5f6d16805c7357919ce486533a97eccd2a8 8864c80b6800bb9736cbe50aa3bab856560e18013ac35de2c0bb66c483456041 Loading...

	pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js	7.1 kB	2023-03-08	2023-05-03
Pretty URL pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js IP 172.217.21.162 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 19:50:07 Last Seen2023-05-03 13:49:34 Times Seen243 Hash bbd5fc0aec5c3dd963d86eb940c3b196 0bbe5dce902b668d2065722b5405aac5d66bd75a 0ced4dcd1e50c73bc87029aab7e86e01e0d65c291d814ef248ceea99662cbe85 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:37:33 Last Seen2023-03-13 20:39:37 Times Seen1 Hash 8a515aee5bf4f7b837ed3e7fea1e3fe8 f44c9b45ef72e36840149a9712b587243536be71 ebfd5860fdb45018775aeccbd2a61c335abf5bfda082c85235baba7d036d765b Loading...

	sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=	5.5 kB	2023-03-07	2024-01-10
Pretty URL sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref= IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:15 Last Seen2024-01-10 08:51:16 Times Seen14068 Hash ea441a4ad9bf148e5d8180a531b57c2b f825c0d4c39d7f50bc74188a695903ba8cb5ef20 50cc8ac8f50cdef0641f8c14ac12268a1930df9781ecf751d4d10aa1a3b772f5 Loading...

	www.google.com/afs/ads?adsafe=high&adtest=off&psid=5452909070&channel=exp-0051%2Cauxa-control-1%2C12467947&domain_name=samskappalcollege.online&client=dp-sedo89_3ph&r=m&sc_status=0&hl=no&rpbu=http%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE2NzU0MzMzNDEmdGNpZD1zZWRvcGFya2luZy5jb202M2RkMTU3ZGE2NmUxMi4wODM1NzQ5MyZ0YXNrPXNlYXJjaCZkb21haW49c2Ftc2thcHBhbGNvbGxlZ2Uub25saW5lJnJlZ2lzdHJhcj1Ta2Vuem9yMjMmYV9pZD0zJnNlc3Npb249aEFncm9oT0xYRzJuMXhjeDNjOXQ%3D%26domain%3Dempoweracademy.samskappalcollege.online&type=3&uiopt=false&swp=as-drid-2572988782380738&afdt=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301075%2C17301078&format=r6%7Cs&nocache=1621675433372987&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1675433372994&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=1256&ish=939&psw=1256&psh=999&frm=2&cl=503972142&uio=--&cont=rb-default&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dempoweracademy.samskappalcollege.online%26rpv%3D2%26registrar%3DSkenzor23%26gst%3DChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil%26ref%3D&referer=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F&adbw=slave-1-1%3A300%2Cmaster-1%3A339	8.0 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/afs/ads?adsafe=high&adtest=off&psid=5452909070&channel=exp-0051%2Cauxa-control-1%2C12467947&domain_name=samskappalcollege.online&client=dp-sedo89_3ph&r=m&sc_status=0&hl=no&rpbu=http%3A%2F%2Fsedoparking.com%2Fcaf%2F%3Fses%3DY3JlPTE2NzU0MzMzNDEmdGNpZD1zZWRvcGFya2luZy5jb202M2RkMTU3ZGE2NmUxMi4wODM1NzQ5MyZ0YXNrPXNlYXJjaCZkb21haW49c2Ftc2thcHBhbGNvbGxlZ2Uub25saW5lJnJlZ2lzdHJhcj1Ta2Vuem9yMjMmYV9pZD0zJnNlc3Npb249aEFncm9oT0xYRzJuMXhjeDNjOXQ%3D%26domain%3Dempoweracademy.samskappalcollege.online&type=3&uiopt=false&swp=as-drid-2572988782380738&afdt=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301075%2C17301078&format=r6%7Cs&nocache=1621675433372987&num=0&output=afd_ads&v=3&bsl=8&pac=0&u_his=1&u_tz=0&dt=1675433372994&u_w=1280&u_h=1024&biw=-12245933&bih=-12245933&isw=1256&ish=939&psw=1256&psh=999&frm=2&cl=503972142&uio=--&cont=rb-default&jsid=caf&jsv=503972142&rurl=http%3A%2F%2Fsedoparking.com%2Fsearch%2Fregistrar.php%3Fdomain%3Dempoweracademy.samskappalcollege.online%26rpv%3D2%26registrar%3DSkenzor23%26gst%3DChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil%26ref%3D&referer=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F&adbw=slave-1-1%3A300%2Cmaster-1%3A339 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:17 Last Seen2023-03-13 15:52:17 Times Seen1 Hash ec73cf4f700ac68e48c55c82961f7937 2f4b0176bc4398a23d68a070715873408aa84c06 71de9e272ca1c6d5700af117dc4c3486313f69fa66225687fbf1c1aebd53c8ed Loading...

	sedoparking.com/frmpark/empoweracademy.samskappalcollege.online/Skenzor23/park.js	1.3 kB	2023-03-13	2023-03-13
Pretty URL sedoparking.com/frmpark/empoweracademy.samskappalcollege.online/Skenzor23/park.js IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 09:23:35 Last Seen2023-03-13 16:07:36 Times Seen1 Hash 25118de2d1f87177e9388703405dc65d 067133136f09557360ced216d8e4b54ef64d034a df7178ddcdeaef5c5785d1e969126d20c8369a8428c14b9c8e5bddace0319b4d Loading...

	sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=	3.3 kB	2023-03-13	2023-03-13
Pretty URL sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref= IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:17 Last Seen2023-03-13 15:52:17 Times Seen1 Hash b722e10e691fb92233cca5090ce4b332 efb3912bfc4b259bbedf5d834d181c4db9d945b2 a7ba5845521a8528574594d1f48e107b683d08746271f67a02f31a5f6e1ef76c Loading...

	sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=	622 B	2023-03-13	2023-10-05
Pretty URL sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref= IP 64.190.63.136 ASN #47846 SEDO GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:00:38 Last Seen2023-10-05 01:52:15 Times Seen112 Hash fa267830abd659151ffd905f581fa6c6 e04f25571985a274be4643978665d8a9dc66b7e8 e61f90da4cada2cb01386dfd651d20fb62858bf35c94c3bbc435bc560707fde3 Loading...

	www.google.com/afs/ads/i/iframe.html	1.3 kB	2023-03-07	2023-04-05
Pretty URL www.google.com/afs/ads/i/iframe.html IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2023-04-05 02:11:22 Times Seen1911 Hash 53a557946308585635eb80aec5326b9e 544b125203bfbb516566a63c9ef3dc57e9c06df9 eff95f5e15f8aa8c8b8c0f3aaeedba0091c1ec9732d78b6594c9ceb26c8eff28 Loading...

	www.google.com/adsense/domains/caf.js	148 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/adsense/domains/caf.js IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:36:48 Last Seen2023-03-13 20:49:08 Times Seen1 Hash 73b9ca6792438a758fcfc12516e8c2ef ff64bec9d87c21137846a6ef21bfff551ed30174 4555524547f44ee99433684f2f89b642b85f4604ac8e977a61497b42e37e3e9d Loading...

		Size	First Seen	Last Seen
	#1 Write - c4248a28f1d52da0039d5f129f3a8335	1.1 kB	2023-03-07	2023-03-13
Pretty Observations First Seen2023-03-07 01:35:38 Last Seen2023-03-13 21:43:55 Times Seen1 Hash c4248a28f1d52da0039d5f129f3a8335 c2cacf9e50a43616b08ae76ceb751cb796393393 103a5c4edf4b6a78e8616d1516ba90a080c334d6e6102827350656b1a928d388 Loading...

	#2 Write - e2cca9d8844abe330aa4b1c3026da0a8	151 B	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 09:23:35 Last Seen2023-03-13 16:07:36 Times Seen1 Hash e2cca9d8844abe330aa4b1c3026da0a8 e24df6c2d623da7ca9059e6d6fbbe9962c54f3da 63601f51712192efc7fade1d8c4a9dfff8f18763967fd5e0d694d838c060b684 Loading...

HTTP Transactions (37)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11705
Expires: Fri, 03 Feb 2023 17:24:03 GMT
Date: Fri, 03 Feb 2023 14:08:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11077
Expires: Fri, 03 Feb 2023 17:13:35 GMT
Date: Fri, 03 Feb 2023 14:08:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 13:43:35 GMT
content-type: application/json
age: 1523
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12055
Expires: Fri, 03 Feb 2023 17:29:53 GMT
Date: Fri, 03 Feb 2023 14:08:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: o+JDVvT14QuV0t6rU5r8d/4O4Q4TCsncyFUt1TrMAnTzbxSP/onVZ5CBL5p2IM9VxTG2vdFg4DX6M7mmfIkUvg==
x-amz-request-id: V8H3MY8GSGP80XTY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 13:23:33 GMT
age: 2725
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

empoweracademy.samskappalcollege.online/raarw/auth/login.php?cmd=3Dl=

108.167.146.96

302 Found

0 B

URL HTTP/1.1
empoweracademy.samskappalcollege.online/raarw/auth/login.php?cmd=3Dl=
IP
108.167.146.96:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /raarw/auth/login.php?cmd=3Dl= HTTP/1.1
Host: empoweracademy.samskappalcollege.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Fri, 03 Feb 2023 14:08:58 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: /404.html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 14:08:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

empoweracademy.samskappalcollege.online/404.html

108.167.146.96

404 Not Found

358 B

URL HTTP/1.1
empoweracademy.samskappalcollege.online/404.html
IP
108.167.146.96:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
358 B (358 bytes)
Hash
e6380e0c65d744670ca2bdfdebf952e7
72010e09611689dba83d615d7d4e14525584f574
a5a070dc995c94a5ecc33cec32455618639d9ea695e8a58df9bb22eee7e9ab09

Detections

Analyzer	Verdict	Alert
fortinet	Malware

NIDS	Severity	Alert
suricata	medium	ET INFO 404 Response with Javascript Variable in Page

HTTP Headers

GET /404.html HTTP/1.1
Host: empoweracademy.samskappalcollege.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Date: Fri, 03 Feb 2023 14:08:59 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 24 Aug 2022 18:55:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 358
Keep-Alive: timeout=5, max=75
Content-Type: text/html

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 13:49:06 GMT
age: 1193
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jsinit.directfwd.com/sk-jspark_init.php

23.36.76.163

200 OK

598 B

URL HTTP/1.1
cdn.jsinit.directfwd.com/sk-jspark_init.php
IP
23.36.76.163:0
ASN
#20940 Akamai International B.V.

File type
ASCII text
Size
598 B (598 bytes)
Hash
707bae210b554be6a704b2c58120e093
1c974f89a58da47d09cb55c5b1b5e1f1263249b4
8792a3e20362a278a302d8b79cfcdf128f17bee87abd1b3133626e79b23c517c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sk-jspark_init.php HTTP/1.1
Host: cdn.jsinit.directfwd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/

HTTP/1.1 200 OK
Server: Apache
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 598
Date: Fri, 03 Feb 2023 14:08:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10837
Expires: Fri, 03 Feb 2023 17:09:36 GMT
Date: Fri, 03 Feb 2023 14:08:59 GMT
Connection: keep-alive

empoweracademy.samskappalcollege.online/favicon.ico

108.167.146.96

302 Found

0 B

URL HTTP/1.1
empoweracademy.samskappalcollege.online/favicon.ico
IP
108.167.146.96:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: empoweracademy.samskappalcollege.online
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/404.html

HTTP/1.1 302 Found
Date: Fri, 03 Feb 2023 14:08:59 GMT
Server: Apache
Location: /404.html
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

35.160.15.145

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.160.15.145:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7O7jyyt1zyEGVRdjDhPjNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fVmipe9lxslHeWC7P05Ww24OHw8=

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13466
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 14:09:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13466
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 14:09:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13466
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 14:09:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:28:50 GMT
age: 56411
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

scoutnewresults.com/sk-jspark.php?dn=empoweracademy.samskappalcollege.online&pid=9POBEX80W&kwrf=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F404.html&reqref=

208.91.196.46

200 OK

2.2 kB

URL HTTP/1.1
scoutnewresults.com/sk-jspark.php?dn=empoweracademy.samskappalcollege.online&pid=9POBEX80W&kwrf=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F404.html&reqref=
IP
208.91.196.46:0
ASN
#40034 CONFLUENCE-NETWORK-INC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (1528)
Size
2.2 kB (2189 bytes)
Hash
b7743e3f5abde25404df16a47eb90dad
5006bf408139ca421a98d34fc7b8b9dcd3b25338
6eb606797d4960f3a23c2ecbae4e25c5585e6cc3a7860572cf78c778dfa7c8dc

HTTP Headers

GET /sk-jspark.php?dn=empoweracademy.samskappalcollege.online&pid=9POBEX80W&kwrf=http%3A%2F%2Fempoweracademy.samskappalcollege.online%2F404.html&reqref= HTTP/1.1
Host: scoutnewresults.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 14:08:59 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Expires: Mon, 22 Jul 2002 11:12:01 GMT
Cache-Control: private, no-cache
Pragma: no-cache
Content-Length: 2189
Keep-Alive: timeout=5, max=104
Connection: Keep-Alive
Content-Type: text/javascript;charset=UTF-8

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vUJO-Pt9Hi1ndrCQQT1nNCGT7oDOYBpA8-EawHanESoZAsZv32dQdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 00:25:04 GMT
age: 49437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14071 bytes)
Hash
9ab97f766ee1ed6ebbb2b3889a9157b4
f87f165404dec4d65531e6e25146cb77601f3616
f3d0f76f956371b1733a526f10a8253fc3396a459d7af59380d8e8db7dee8ec2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5300360-6063-4d18-8dd2-28dbcf47d371.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14071
x-amzn-requestid: 40cb363f-2c4d-4361-9fe1-10e4c8b2fe29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fiTo4Ek2oAMFs6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d73305-6cb63d3c49f9f84e639467f6;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 03:01:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aTs6L8dJENFRdtBn7ggAbY5yaYRAzSY2B0bmElV4YNPrJg-KRDAyNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:46:56 GMT
age: 58925
etag: "f87f165404dec4d65531e6e25146cb77601f3616"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 04:53:21 GMT
age: 33340
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G0R-0w9HtLB5OXb-w-RyR9QCnrddkS29FqF_GeAQa1CRWkqaUJwQoA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:27:53 GMT
age: 56468
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZZXEXszbtmGh7kLfhabCGd41rZRnSmQvdcySUQRTDtJRBqZVUK3LaQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 07:19:27 GMT
age: 24574
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sedoparking.com/frmpark/empoweracademy.samskappalcollege.online/Skenzor23/park.js

64.190.63.136

200 OK

621 B

URL HTTP/1.1
sedoparking.com/frmpark/empoweracademy.samskappalcollege.online/Skenzor23/park.js
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
ASCII text, with very long lines (987)
Size
621 B (621 bytes)
Hash
6217c26e6a4b0c5b5b71a9e75985fe1a
310c2995d6356753635b8fe0df2bf656ac4dc752
5967901d63a37777523c2c310d69b2b5f6a8b1cbeae331fcdc1feae79de93de3

HTTP Headers

GET /frmpark/empoweracademy.samskappalcollege.online/Skenzor23/park.js HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/

HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 14:09:01 GMT
content-type: application/javascript; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-b748cdcd8-b5wc8
server: NginX
content-encoding: gzip

pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js

172.217.21.162

200 OK

3.1 kB

URL HTTP/1.1
pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js
IP
172.217.21.162:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1157)
Size
3.1 kB (3126 bytes)
Hash
046393fd3c7a11e55fea1f5d387cdd3f
6e2b13e7a77ab56bf92899b19fb95013e7a4d5cd
ac80004cfb20d5f74162d479b8f637a43e364333068d6b728b77f27cff48f417

HTTP Headers

GET /apps/domainpark/show_afd_ads.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Content-Length: 3126
Date: Fri, 03 Feb 2023 14:09:01 GMT
Expires: Fri, 03 Feb 2023 14:09:01 GMT
Cache-Control: private, max-age=3600
ETag: "6083360036849444329"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: sffe
X-XSS-Protection: 0

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4cf0ccf2909be74efd7a89dbe4228ffb
b4993da334b48312584d116a3de4be4cd71962cf
e81c8aa45d0707079d9eba798fb447059042453be4834d14467839688ca66f5d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:09:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=empoweracademy.samskappalcollege.online&afdt=create&swp=as-drid-2572988782380738&dt=1675433372593&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0

142.250.74.164

200 OK

170 B

URL HTTP/2
www.google.com/dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=empoweracademy.samskappalcollege.online&afdt=create&swp=as-drid-2572988782380738&dt=1675433372593&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
170 B (170 bytes)
Hash
8a4b733a14df5596cec8c395f300769b
75840932ea205b7444edd609162f009eedc81f47
21bc52683091cd572cd61d5b766e6cf3fe90536b387100d92f00bf4ea83fa651

HTTP Headers

GET /dp/ads?output=afd_ads&client=dp-sedo89_3ph&domain_name=empoweracademy.samskappalcollege.online&afdt=create&swp=as-drid-2572988782380738&dt=1675433372593&u_tz=0&u_his=1&u_h=1024&u_w=1280&frm=0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://empoweracademy.samskappalcollege.online
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=ISO-8859-1
content-disposition: inline
date: Fri, 03 Feb 2023 14:09:01 GMT
expires: Fri, 03 Feb 2023 14:09:01 GMT
cache-control: private, max-age=3600
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="gws"
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-encoding: br
server: gws
content-length: 170
x-xss-protection: 0
set-cookie: CONSENT=PENDING+541; expires=Sun, 02-Feb-2025 14:09:01 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0c15fd84f4711d994724c35236542194
c47d77fe5b373a86bd9a116bd8baac07ec746add
a210a4599baaa980674b456f020282cd470559b319be263fdcf9eaec7cff0d3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:09:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=

64.190.63.136

200 OK

6.9 kB

URL HTTP/1.1
sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9588)
Size
6.9 kB (6865 bytes)
Hash
db95ec17c0bb3f303d7d899e8975e258
4183271be4c71c5bd705105401c1f20182f1941f
52749faf7c5cb41a7c185209fa4e45ba3b47c2877e7b95bc5d5bb0201abbcfa0

HTTP Headers

GET /search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref= HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://empoweracademy.samskappalcollege.online/
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 14:09:01 GMT
content-type: text/html; charset=UTF-8
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/8.1.9
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_MliX8ss2qShYsPUJJa8ok9WdRjnDROEvlcg3+hUfKGPlfddodVbfHBNEqyhmPnErIX+G15X1JDPV6PlohDWm6g==
last-modified: Fri, 03 Feb 2023 14:09:01 GMT
x-cache-miss-from: parking-b748cdcd8-qdwpw
server: NginX
content-encoding: gzip

img.sedoparking.com/templates/bg/arrows-1-colors-3.png

205.234.175.175

200 OK

82 kB

URL HTTP/1.1
img.sedoparking.com/templates/bg/arrows-1-colors-3.png
IP
205.234.175.175:0
ASN
#30081 CACHENETWORKS

File type
PNG image data, 3024 x 2000, 8-bit/color RGBA, non-interlaced\012- data
Size
82 kB (82231 bytes)
Hash
b68c0210cadb1e12efc4557d7e49e48e
ad24ed2b2d5d166d07fbf0680693c88fb56fcb4b
e7ff091c85669b175de49d629d7d77bd20cd08d2c16ae74deef2ab06aec5854d

HTTP Headers

GET /templates/bg/arrows-1-colors-3.png HTTP/1.1
Host: img.sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 14:09:01 GMT
Content-Type: image/png
Content-Length: 82231
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Expires: Fri, 10 Feb 2023 14:09:01 GMT
X-CFHash: "b68c0210cadb1e12efc4557d7e49e48e"
X-CFF: B
Last-Modified: Wed, 22 Apr 2020 09:38:21 GMT
X-CF3: M
CF4Age: 0
x-cf-tsc: 1668185124
CF4ttl: 31536000.000
X-CF2: H
Server: CFS 0215
X-CF-ReqID: cf8681221548ef2caaea57872163c0b3
X-CF1: 11696:fA.arn1:cf:cacheN.arn1-01:H
Accept-Ranges: bytes

www.google.com/adsense/domains/caf.js

142.250.74.164

200 OK

54 kB

URL HTTP/1.1
www.google.com/adsense/domains/caf.js
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1743)
Size
54 kB (53840 bytes)
Hash
8850c37906b14952e976983d18797108
a3e7a46a4b789494ec34ef759d0cc55f61364634
f407af37cb4cf09d08283a670d789b38f35f9c5c8be594079a4bb2f79174ac5a

HTTP Headers

GET /adsense/domains/caf.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="ads-afs-ui"
Report-To: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
Date: Fri, 03 Feb 2023 14:09:01 GMT
Expires: Fri, 03 Feb 2023 14:09:01 GMT
Cache-Control: private, max-age=3600
ETag: "1475992821716514115"
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: sffe
X-XSS-Protection: 0

sedoparking.com/search/tsc.php?200=MzgyODY3NTMz&21=OTEuOTAuNDIuMTU0&681=MTY3NTQzMzM0MWU2MGJkMGM3N2UxMGZiNjdjMmRhNGU2OGMyOTAzMjU5&crc=98b1aee961f2bf7c170e53fe5e1a9bc64c518adf&cv=1

64.190.63.136

200 OK

0 B

URL HTTP/1.1
sedoparking.com/search/tsc.php?200=MzgyODY3NTMz&21=OTEuOTAuNDIuMTU0&681=MTY3NTQzMzM0MWU2MGJkMGM3N2UxMGZiNjdjMmRhNGU2OGMyOTAzMjU5&crc=98b1aee961f2bf7c170e53fe5e1a9bc64c518adf&cv=1
IP
64.190.63.136:0
ASN
#47846 SEDO GmbH

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /search/tsc.php?200=MzgyODY3NTMz&21=OTEuOTAuNDIuMTU0&681=MTY3NTQzMzM0MWU2MGJkMGM3N2UxMGZiNjdjMmRhNGU2OGMyOTAzMjU5&crc=98b1aee961f2bf7c170e53fe5e1a9bc64c518adf&cv=1 HTTP/1.1
Host: sedoparking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://sedoparking.com/search/registrar.php?domain=empoweracademy.samskappalcollege.online&rpv=2&registrar=Skenzor23&gst=ChMI9e6rycP5_AIVRbSLCh3gmA6mEmoBJ3TYYfsHsya5ilNTbdxwWuH89j3IEqV3m2m2r4rHmCMft-ymcCvF5bZh03Xl7lcs3L2ng9261UkXN9wEkDbErfq_WCsMQTIrN0UoJ4nNRYmoAywuwZ7Px8YAUqp2cQ1oklreMk1u0lil&ref=

HTTP/1.1 200 OK
date: Fri, 03 Feb 2023 14:09:01 GMT
content-type: text/html; charset=UTF-8
content-length: 0
x-powered-by: PHP/8.1.9
x-cache-miss-from: parking-b748cdcd8-xpgch
server: NginX

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1c56c7c141fbb2647e4909546c5ee1ac
bf1479b20c78d135ce6397b0bff0e6573a3bcbef
30cd3ac555fa6d8d5a5a1165b9ff3b78336c0c3c44e22f034879869a99f61043

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2

142.250.74.97

200 OK

273 B

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (390)
Size
273 B (273 bytes)
Hash
4879b4bfc581cab5b5c803866211a36e
e1705c1fa9103a1a9f82a1bb5cd44c8e45bd520a
6ad1ffb79c80d41ec978dd45defe97ee70d0e2efd01bfe678198248819d1b98a

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/search.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 273
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 12:10:27 GMT
expires: Sat, 04 Feb 2023 11:10:27 GMT
cache-control: public, max-age=82800
age: 7115
last-modified: Thu, 19 Dec 2019 14:15:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1c56c7c141fbb2647e4909546c5ee1ac
bf1479b20c78d135ce6397b0bff0e6573a3bcbef
30cd3ac555fa6d8d5a5a1165b9ff3b78336c0c3c44e22f034879869a99f61043

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2

142.250.74.97

200 OK

54 kB

URL HTTP/2
afs.googleusercontent.com/ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2
IP
142.250.74.97:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1743)
Size
54 kB (53981 bytes)
Hash
7245d0d9d38f22ec104f915f98f0aec1
8f364017bf25caa0b378f6b5f77a8c3976027118
ef2062cc4fb7656aee98ce708830245b860a629a90d1c11fa0e361c9e1e091f0

HTTP Headers

GET /ad_icons/standard/publisher_icon_image/chevron.svg?c=%231967D2 HTTP/1.1
Host: afs.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/afs-native-asset-managers
cross-origin-opener-policy: same-origin; report-to="afs-native-asset-managers"
report-to: {"group":"afs-native-asset-managers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/afs-native-asset-managers"}]}
content-length: 174
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 12:48:35 GMT
expires: Sat, 04 Feb 2023 11:48:35 GMT
cache-control: public, max-age=82800
age: 4827
last-modified: Thu, 22 Oct 2020 21:45:00 GMT
content-type: image/svg+xml
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1c56c7c141fbb2647e4909546c5ee1ac
bf1479b20c78d135ce6397b0bff0e6573a3bcbef
30cd3ac555fa6d8d5a5a1165b9ff3b78336c0c3c44e22f034879869a99f61043

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 03 Feb 2023 14:09:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML